GHSA-c72g-53hw-82q7: OpenFGA Authorization Bypass

GHSA-m4hf-fxcg-cp34: DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline

GHSA-79m3-rvx2-3qq9: Reflected Cross-Site Scripting (XSS) in module actions in edit mode

GHSA-62mf-vhhw-xmf8: DNN site Import could use an external source with a crafted request

GHSA-c37v-3c8w-crq8: zot logs secrets

A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.

**FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function**

Moderate severity GitHub Reviewed Published Aug 26, 2024 to the GitHub Advisory Database • Updated Aug 26, 2024

Headline

GHSA-22xm-w7r2-834q: FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function

ghsa: Latest News