GHSA-gmx7-gr5q-85w5: magic-crypt uses insecure cryptographic algorithms

GHSA-gv7f-5qqh-vxfx: xous has unsound usages of `core::slice::from_raw_parts` 

GHSA-ggwq-xc72-33r3: LGSL has a reflected XSS at /lgsl_files/lgsl_list.php

GHSA-8jhw-6pjj-8723: Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint

GHSA-4fwj-m62q-pp47: Password Pusher Allows Session Token Interception Leading to Potential Hijacking

Authenticated users were able to enumerate other users' names via the learning plans page.

**Moodle may allow authenticated users to enumerate other user's names via learning plans page**

Moderate severity GitHub Reviewed Published Mar 23, 2023 to the GitHub Advisory Database • Updated Mar 23, 2023

Headline

GHSA-hh52-g5c4-wprh: Moodle may allow authenticated users to enumerate other user's names via learning plans page

Related news

ghsa: Latest News