GHSA-rxq8-q85f-m866: Prevent XSS from Confidant API call

GHSA-58vj-cv5w-v4v6: Navidrome has Multiple SQL Injections and ORM Leak

GHSA-73rg-f94j-xvhx: Plate allows arbitrary DOM attributes in element.attributes and leaf.attributes

GHSA-9hf4-67fc-4vf4: Puma's header normalization allows for client to clobber proxy set headers

GHSA-vvf8-2h68-9475: Keycloak Open Redirect vulnerability

An issue was discovered in the friendlycaptcha_official (aka Integration of Friendly Captcha) extension before 0.1.4 for TYPO3. The extension fails to check the requirement of the captcha field in submitted form data, allowing a remote user to bypass the captcha check. This only affects the captcha integration for the ext:form extension.

**FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass**

Moderate severity GitHub Reviewed Published Jun 21, 2024 to the GitHub Advisory Database • Updated Jun 21, 2024

Headline

GHSA-jg62-h7pv-hxgv: FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass

ghsa: Latest News