GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

GHSA-2r2v-9pf8-6342: WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover

GHSA-r5vf-wf4h-82gg: matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity

GHSA-f27p-cmv8-xhm6: fetch: Authorization headers not dropped when redirecting cross-origin

GHSA-2p95-8xvm-2pjx: REDAXO CMS Cross-site Scripting vulnerability

An issue discovered in Craft CMS version 4.6.1.1 allows remote attackers to cause a denial of service (DoS) via crafted string to Feed-Me Name and Feed-Me URL fields due to saving a feed using an Asset element type with no volume selected.

**Craft CMS Feed-Me**

Moderate severity GitHub Reviewed Published Jan 30, 2024 to the GitHub Advisory Database • Updated Jan 30, 2024

Headline

GHSA-6p78-f7h9-6838: Craft CMS Feed-Me

ghsa: Latest News