GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability

GHSA-x7m9-mv49-fv73: Vaultwarden vulnerable to user impersonation

GHSA-vprm-27pv-jp3w: Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability

GHSA-5xh2-23cc-5jc6: Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.

**Moodle vulnerable to Cross-site Scripting when algebra filter enabled but not functional**

Moderate severity GitHub Reviewed Published Mar 23, 2023 to the GitHub Advisory Database • Updated Mar 23, 2023

Headline

GHSA-9f45-9qrw-pp4v: Moodle vulnerable to Cross-site Scripting when algebra filter enabled but not functional

Related news

ghsa: Latest News