GHSA-gmx7-gr5q-85w5: magic-crypt uses insecure cryptographic algorithms

GHSA-gv7f-5qqh-vxfx: xous has unsound usages of `core::slice::from_raw_parts` 

GHSA-ggwq-xc72-33r3: LGSL has a reflected XSS at /lgsl_files/lgsl_list.php

GHSA-8jhw-6pjj-8723: Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint

GHSA-4fwj-m62q-pp47: Password Pusher Allows Session Token Interception Leading to Potential Hijacking

The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.

**Moodle may display roles to users who don't have access to them**

Moderate severity GitHub Reviewed Published Mar 23, 2023 to the GitHub Advisory Database • Updated Mar 23, 2023

Headline

GHSA-vj5p-fp42-774p: Moodle may display roles to users who don't have access to them

Related news

ghsa: Latest News