GHSA-53q7-4874-24qg: Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL

GHSA-gxrv-wf35-62w9: Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes

GHSA-m9gv-6p22-qgmj: ai-controller-frontend payment status in basket isn't reset

GHSA-fqpg-rq76-99pq: Panic in Pipeline when PgConn is busy or closed in github.com/jackc/pgx

GHSA-p9cg-vqcc-grcx: Server Side Request Forgery (SSRF) attack in Fedify

It has been discovered that cookies created in the Install Tool are not hardened to be submitted only via HTTP. In combination with other vulnerabilities such as cross-site scripting it can lead to hijacking an active and valid session in the Install Tool.

**TYPO3 Security Misconfiguration in Install Tool Cookie**

High severity GitHub Reviewed Published Jun 7, 2024 to the GitHub Advisory Database

Headline

GHSA-f777-f784-36gm: TYPO3 Security Misconfiguration in Install Tool Cookie

ghsa: Latest News