GHSA-74q2-6jp4-3rqq: Krayin CRM vulnerable to Cross Site Scripting (XSS) via the organization name

GHSA-632q-77qj-c89q: LimeSurvey Cross Site Scripting vulnerability

GHSA-c7xm-rwqj-pgcj: LimeSurvey Cross Site Scripting vulnerability

GHSA-6hwr-6v2f-3m88: XXE in PHPSpreadsheet's XLSX reader

GHSA-r8w8-74ww-j4wh: PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinks

In modoboa prior to 2.1.0, sending a GET request to the endpoint `/api/v2/parameters/core/` returns sensitive information without any authentication or authorization.

**Improper Authorization in modoboa**

High severity GitHub Reviewed Published Apr 21, 2023 to the GitHub Advisory Database • Updated Apr 24, 2023

Headline

GHSA-67mg-gm8m-ph5r: Improper Authorization in modoboa

Related news

ghsa: Latest News