Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-27rq-4943-qcwp: Insertion of Sensitive Information into Log File in Hashicorp go-getter

The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile.

ghsa
#git#ssh
GHSA-6xj3-fhrf-rjgc: Cross-site Scripting in microweber

XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. Typical impact of XSS attacks.