GHSA-cjgq-5qmw-rcj6: keras Path Traversal vulnerability

GHSA-j4jw-m6xr-fv6c: Soft Serve vulnerable to path traversal attacks

GHSA-mjf9-4pcv-vfg7: Apache OpenMeetings vulnerable to Deserialization of Untrusted Data 

GHSA-8863-4qmg-fr45: Apache Airflow Fab Provider Insufficient Session Expiration vulnerability

GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the `category field name` parameter. This has been fixed in 3.1.12.

**thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via category field name parameter**

Moderate severity GitHub Reviewed Published Apr 5, 2023 to the GitHub Advisory Database • Updated Apr 6, 2023

Headline

GHSA-xxm6-ff3x-v4vm: thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via category field name parameter

Related news

ghsa: Latest News