GHSA-c72g-53hw-82q7: OpenFGA Authorization Bypass

GHSA-m4hf-fxcg-cp34: DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline

GHSA-79m3-rvx2-3qq9: Reflected Cross-Site Scripting (XSS) in module actions in edit mode

GHSA-62mf-vhhw-xmf8: DNN site Import could use an external source with a crafted request

GHSA-c37v-3c8w-crq8: zot logs secrets

rdiffweb prior to 2.4.2 has no password policy or password checking, which could make users vulnerable to brute force password guessing attacks. Version 2.4.2 enforces minimum and maximum password lengths.

**rdiffweb before 2.4.2 contains Weak Password Requirements**

High severity GitHub Reviewed Published Sep 14, 2022 • Updated Sep 15, 2022

Headline

GHSA-mp5p-g2jv-r8qw: rdiffweb before 2.4.2 contains Weak Password Requirements

ghsa: Latest News