Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-fj2w-qmjp-3rjm: Gollum 5.0 before 5.1.2 vulnerable to cross-site scripting via filename parameter to New Page dialog

Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the ‘New Page’ dialog.

ghsa
Open in Source
#xss#git

Gollum 5.0 before 5.1.2 vulnerable to cross-site scripting via filename parameter to New Page dialog

Moderate severity GitHub Reviewed Published Jul 16, 2022 • Updated Jul 20, 2022

Related news

CVE-2020-35305: GOLLUM.COM may be available for sale or other proposals

Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the 'New Page' dialog.

ghsa: Latest News

GHSA-76mw-6p95-x9x5: pac4j-core affected by a Java deserialization vulnerability
ghsa