GHSA-j4jw-m6xr-fv6c: Soft Serve vulnerable to path traversal attacks

GHSA-mjf9-4pcv-vfg7: Apache OpenMeetings vulnerable to Deserialization of Untrusted Data 

GHSA-8863-4qmg-fr45: Apache Airflow Fab Provider Insufficient Session Expiration vulnerability

GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

GHSA-2r2v-9pf8-6342: WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover

A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

**October Cross-site Scripting vulnerability**

Moderate severity GitHub Reviewed Published Sep 28, 2023 to the GitHub Advisory Database • Updated Sep 29, 2023

Headline

GHSA-2g8p-j2r6-vqpj: October Cross-site Scripting vulnerability

Related news

ghsa: Latest News