GHSA-j4jw-m6xr-fv6c: Soft Serve vulnerable to path traversal attacks

GHSA-mjf9-4pcv-vfg7: Apache OpenMeetings vulnerable to Deserialization of Untrusted Data 

GHSA-8863-4qmg-fr45: Apache Airflow Fab Provider Insufficient Session Expiration vulnerability

GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

GHSA-2r2v-9pf8-6342: WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover

### Impact
Any module can be disabled or uninstalled from back office, even with low user right.

### Patches
8.1.2

### Workarounds
none

### References


**PrestaShop allows users to uninstall modules from backoffice, even with low rights**

Moderate severity GitHub Reviewed Published Sep 28, 2023 in PrestaShop/PrestaShop • Updated Sep 28, 2023

Headline

GHSA-6jmf-2pfc-q9m7: PrestaShop allows users to uninstall modules from backoffice, even with low rights

Impact

Patches

Workarounds

References

ghsa: Latest News