GHSA-cjgq-5qmw-rcj6: keras Path Traversal vulnerability

GHSA-j4jw-m6xr-fv6c: Soft Serve vulnerable to path traversal attacks

GHSA-mjf9-4pcv-vfg7: Apache OpenMeetings vulnerable to Deserialization of Untrusted Data 

GHSA-8863-4qmg-fr45: Apache Airflow Fab Provider Insufficient Session Expiration vulnerability

GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting (XSS) because it fails to sanitize user input in the FAQ News link parameter. This has been fixed in 3.1.12.

**thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via FAQ News link parameter**

High severity GitHub Reviewed Published Apr 5, 2023 to the GitHub Advisory Database • Updated Apr 6, 2023

Headline

GHSA-jvjx-qqh7-6x6c: thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via FAQ News link parameter

Related news

ghsa: Latest News