GHSA-76mw-6p95-x9x5: pac4j-core affected by a Java deserialization vulnerability

GHSA-6h64-g7cj-hj56: Lord of Large Language Models (LoLLMs)  path traversal vulnerability in the api open_personality_folder endpoint

GHSA-vgxq-6rcf-qwrw: angular-base64-upload vulnerable to unauthenticated remote code execution

GHSA-8rm2-93mq-jqhc: Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory.

GHSA-gx9m-whjm-85jf: DOMpurify has a nesting-based mXSS

Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2022-2218

**Cross site scripting in parse-url**

Critical severity GitHub Reviewed Published Jun 28, 2022 • Updated Jul 5, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

**Package**

npm parse-url (npm)

**Affected versions**

< 6.0.1

**Description**

Headline

GHSA-jpp7-7chh-cf67: Cross site scripting in parse-url

ghsa: Latest News