GHSA-wf8f-6423-gfxg: Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

GHSA-cwwm-hr97-qfxm: SpiceDB checks involving relations with caveats can result in no permission when permission is expected

GHSA-cvx7-x8pj-x2gw: CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification

GHSA-qx7g-fx8q-545g: Para Inserts Sensitive Information into Log File for Facebook authentication

GHSA-jq8x-v7jw-v675: Duplicate Advisory: users may append `root` to group listings

Failing to properly encode editor input, the search result view of indexed_search is susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML.

**Cross-Site Scripting in TYPO3 component Indexed Search**

Moderate severity GitHub Reviewed Published Jun 3, 2024 to the GitHub Advisory Database • Updated Jun 3, 2024

Headline

GHSA-wh8q-72cp-p5wf: Cross-Site Scripting in TYPO3 component Indexed Search

ghsa: Latest News