GHSA-76mw-6p95-x9x5: pac4j-core affected by a Java deserialization vulnerability

GHSA-6h64-g7cj-hj56: Lord of Large Language Models (LoLLMs)  path traversal vulnerability in the api open_personality_folder endpoint

Fava before 1.22.3 is vulnerable to reflected cross-site scripting due to improper validation on filter conversion.

**Fava before 1.22.3 vulnerable to reflected cross-site scripting**

Moderate severity GitHub Reviewed Published Aug 2, 2022 • Updated Aug 10, 2022