GHSA-xrrq-rrgq-h89w: static-alloc vulnerability leads to uninitialized read after allocating MemBump

GHSA-hq75-xg7r-rx6c: Better Call routing bug can lead to Cache Deception

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

**Cross site scripting in yetiforce/yetiforce-crm**

Moderate severity GitHub Reviewed Published Aug 23, 2022 • Updated Aug 30, 2022