GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

**thorsten/phpmyfaq is vulnerable to cross-site scripting (XSS)**

Moderate severity GitHub Reviewed Published Jan 16, 2023 • Updated Jan 19, 2023