GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname

GHSA-7mr7-4f54-vcx5: HTTP Client uses incorrect token after refresh

GHSA-hfq9-hggm-c56q: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

GHSA-2w5v-x29g-jw7j: Hashicorp Nomad Incorrect Authorization vulnerability

GHSA-3m9x-2qfj-xvq4: PHPExcel XXE Vulnerability

A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component `/jobinfo/`.

**Privilege escalation in XXL-Job**

Moderate severity GitHub Reviewed Published May 26, 2023 to the GitHub Advisory Database • Updated May 26, 2023

Headline

GHSA-9mmj-64jh-ph9c: Privilege escalation in XXL-Job

Related news

ghsa: Latest News