GHSA-6gf2-ffq8-gcww: GHSL-2024-288: SickChill open redirect in login

GHSA-j3f9-p6hm-5w6q: Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale

GHSA-cjgq-5qmw-rcj6: keras Path Traversal vulnerability

GHSA-j4jw-m6xr-fv6c: Soft Serve vulnerable to path traversal attacks

GHSA-mjf9-4pcv-vfg7: Apache OpenMeetings vulnerable to Deserialization of Untrusted Data 

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the artlang parameter. This has been fixed in 3.1.12.

**thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via artlang parameter**

High severity GitHub Reviewed Published Apr 5, 2023 to the GitHub Advisory Database • Updated Apr 6, 2023

Headline

GHSA-m8q9-7v2f-qjx9: thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via artlang parameter

Related news

ghsa: Latest News