GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

GHSA-7w6r-748w-mh52: pgAdmin has Incorrect Default Permissions

GHSA-q8fg-cp3q-5jwm: Mattermost Incorrect Authorization vulnerability

GHSA-7rgp-4j56-fm79: Mattermost has Improper Check for Unusual or Exceptional Conditions

GHSA-2549-xh72-qrpm: Mattermost Improper Validation of Specified Type of Input vulnerability

Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter.

**Konga is vulnerable to Cross Site Scripting (XSS) attacks**

Moderate severity GitHub Reviewed Published May 14, 2024 to the GitHub Advisory Database • Updated May 14, 2024

Headline

GHSA-93pf-mrc8-4g3h: Konga is vulnerable to Cross Site Scripting (XSS) attacks

ghsa: Latest News