GHSA-wwc9-wmm3-2pmf: DNN.PLATFORM Allows Stored Cross-Site Scripting (XSS) in Activity Feed

GHSA-pf4h-vrv6-cmvr: DNN.PLATFORM Allows Reflected Cross-Site Scripting (XSS) in some TokenReplace situations with SkinObjects

GHSA-7cjh-xx4r-qh3f: sentry-android unmasked sensitive data in Android Session Replays for users of Jetpack Compose 1.8+

GHSA-gpfc-mph4-qm24: Velociraptor vulnerable to privilege escalation via UpdateConfig artifact

GHSA-5644-3vgq-2ph5: Crafter Studio Groovy Sandbox Bypass

A path traversal and a javascript code injection vulnerabilities were identified in willdurand/js-translation-bundle versions prior to 2.1.1. 

**willdurand/js-translation-bundle potential path traversal attack and remote code injection**

Critical severity GitHub Reviewed Published Jun 7, 2024 to the GitHub Advisory Database • Updated Jun 7, 2024

Headline

GHSA-x86x-qhf8-f37w: willdurand/js-translation-bundle potential path traversal attack and remote code injection

ghsa: Latest News