GHSA-gmx7-gr5q-85w5: magic-crypt uses insecure cryptographic algorithms

GHSA-gv7f-5qqh-vxfx: xous has unsound usages of `core::slice::from_raw_parts` 

GHSA-ggwq-xc72-33r3: LGSL has a reflected XSS at /lgsl_files/lgsl_list.php

GHSA-8jhw-6pjj-8723: Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint

GHSA-4fwj-m62q-pp47: Password Pusher Allows Session Token Interception Leading to Potential Hijacking

Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.

**Moodle arbitrary file read vulnerability**

Moderate severity GitHub Reviewed Published Mar 23, 2023 to the GitHub Advisory Database • Updated Mar 23, 2023

Headline

GHSA-56r9-72vx-q989: Moodle arbitrary file read vulnerability

Related news

ghsa: Latest News