GHSA-g5vw-3h65-2q3v: Access control vulnerable to user data deletion by anonynmous users

GHSA-3hxg-fxwm-8gf7: CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributes 

funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.

**SQL injection in funadmin**

High severity GitHub Reviewed Published Oct 25, 2024 to the GitHub Advisory Database • Updated Oct 25, 2024