GHSA-76mw-6p95-x9x5: pac4j-core affected by a Java deserialization vulnerability

GHSA-6h64-g7cj-hj56: Lord of Large Language Models (LoLLMs)  path traversal vulnerability in the api open_personality_folder endpoint

GHSA-vgxq-6rcf-qwrw: angular-base64-upload vulnerable to unauthenticated remote code execution

GHSA-8rm2-93mq-jqhc: Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory.

GHSA-gx9m-whjm-85jf: DOMpurify has a nesting-based mXSS

Draft protected images can be published by changing an existing image shortcode on website content to match the ID of the draft protected image and then publishing the website content.

**Unpublished, protected files can be published via shortcode**

Moderate severity GitHub Reviewed Published Jun 29, 2022 • Updated Jun 29, 2022

Headline

GHSA-v68g-62v9-39w5: Unpublished, protected files can be published via shortcode

Related news

ghsa: Latest News