GHSA-x7m9-mv49-fv73: Vaultwarden vulnerable to user impersonation

GHSA-vprm-27pv-jp3w: Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability

GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability

GHSA-5xh2-23cc-5jc6: Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php.

**Code injection in REDAXO**

High severity GitHub Reviewed Published Feb 17, 2024 to the GitHub Advisory Database • Updated Feb 20, 2024

Headline

GHSA-7f2v-5877-rx3x: Code injection in REDAXO

ghsa: Latest News