GHSA-wf8f-6423-gfxg: Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

GHSA-cwwm-hr97-qfxm: SpiceDB checks involving relations with caveats can result in no permission when permission is expected

GHSA-cvx7-x8pj-x2gw: CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification

GHSA-qx7g-fx8q-545g: Para Inserts Sensitive Information into Log File for Facebook authentication

GHSA-jq8x-v7jw-v675: Duplicate Advisory: users may append `root` to group listings

Failing to properly encode user input, some backend components are vulnerable to Cross-Site Scripting. A valid backend user account is needed to exploit this vulnerability.

**Cross-Site Scripting in TYPO3 Backend**

Moderate severity GitHub Reviewed Published Jun 5, 2024 to the GitHub Advisory Database • Updated Jun 5, 2024

Headline

GHSA-86r8-4g3w-7xjp: Cross-Site Scripting in TYPO3 Backend

ghsa: Latest News