GHSA-j4rj-fgcq-wmqp: Cockpit - Content Platform vulnerable to XSS through name or email argument names

GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext

GHSA-prmv-7r8c-794g: Citizen vulnerable to Stored XSS through short descriptions

GHSA-67rr-84xm-4c7r: Next.JS vulnerability can lead to DoS via cache poisoning 

GHSA-r2fc-ccr8-96c4: Next.js has a Cache poisoning vulnerability due to omission of the Vary header

Feather-Sequelize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

**Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution**

Critical severity GitHub Reviewed Published Oct 26, 2022 • Updated Oct 31, 2022

Headline

GHSA-p5m3-27vh-52j4: Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution

ghsa: Latest News