Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-8jh8-33f5-cgfp: Answer vulnerable to Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

ghsa
Open in Source
#xss#git
GHSA-vxhr-p2vp-7gf8: Answer vulnerable to Cross-site Scripting

Cross-site Scripting (XSS) - Reflected in GitHub repository answerdev/answer prior to 1.0.6.

GHSA-5w78-v688-cx9q: Answer vulnerable to Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

GHSA-9v4v-9fj5-p982: Answer vulnerable to Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

GHSA-6c32-3x46-m9rh: Answer vulnerable to Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

GHSA-h85v-cx5m-78wj: Answer vulnerable to Cross-site Scripting

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

GHSA-786g-xv8v-9h93: Moodle Cross-site Scripting vulnerability

In Moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.

GHSA-2wmj-8mqg-r9q8: Moodle has Incorrect Default Permissions

In Moodle, insufficient capability checks meant message deletions were not limited to the current user.

GHSA-79jp-m64f-pgrc: Moodle Cross-site Scripting vulnerability

In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.

GHSA-35wf-3wq2-r3hx: Moodle has Incorrect Default Permissions

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.