Source
ghsa
GHSA-27rq-4943-qcwp: Insertion of Sensitive Information into Log File in Hashicorp go-getter
The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile.
GHSA-6xj3-fhrf-rjgc: Cross-site Scripting in microweber
XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. Typical impact of XSS attacks.