GHSA-5jfw-gq64-q45f: HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through

GHSA-hrxh-9w67-g4cv: Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

**Cross site scripting in yetiforce/yetiforce-crm**

Moderate severity GitHub Reviewed Published Aug 23, 2022 • Updated Aug 30, 2022