GHSA-rxq8-q85f-m866: Prevent XSS from Confidant API call

GHSA-58vj-cv5w-v4v6: Navidrome has Multiple SQL Injections and ORM Leak

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

**Snipe-IT allows attackers to check whether a user account exists**

Moderate severity GitHub Reviewed Published Dec 25, 2022 • Updated Dec 30, 2022