GHSA-6qhv-4h7r-2g9m: rfc3161-client has insufficient verification for timestamp response signatures

GHSA-g3qg-6746-3mg9: zkVM Underconstrained Vulnerability

GHSA-93c7-7xqw-w357: Pingora has a Request Smuggling Vulnerability

GHSA-vrw8-fxc6-2r93: chi Allows Host Header Injection which Leads to Open Redirect in RedirectSlashes

GHSA-qwwm-c582-82rx: Mattermost allows unauthorized channel member management through playbook runs

The link to reset all templates of a database activity did not include the necessary token to prevent a CSRF risk.

**Moodle vulnerable to Cross-site Request Forgery**

Moderate severity GitHub Reviewed Published Mar 23, 2023 to the GitHub Advisory Database • Updated Mar 23, 2023

Headline

GHSA-wxmq-v9gx-75pg: Moodle vulnerable to Cross-site Request Forgery

Related news

ghsa: Latest News