Source: ghsa

GHSA-v866-gwf5-w92f: JetBrains Ktor before 2.1.0 was vulnerable to a Reflect File Download attack

JetBrains Ktor before 2.1.0 was vulnerable to a Reflected File Download (RFD) attack.

GHSA-9hmc-87h4-w869: ForkCMS stored XSS via `start_date` parameter

A stored cross-site scripting (XSS) issue in ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the `start_date` parameter. This issue was patched in version 5.11.0.

GHSA-pw4j-r69m-rrr5: ForkCMS XSS via `end_date` parameter

A cross-site scripting (XSS) issue in ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the `end_date` parameter. This issue was patched in version 5.11.0.

GHSA-65wf-qm95-6mhm: ForkCMS XSS via `publish_on_date` parameter

A cross-site scripting (XSS) issue in ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the `publish_on_date` parameter. This issue was patched in version 5.11.0.

GHSA-q4qv-3x58-rxmh: ForkCMS XSS via `publish_on_time` parameter

A cross-site scripting (XSS) issue in ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the `publish_on_time` parameter. This issue was patched in version 5.11.0.

GHSA-f4qr-f4xx-hjxw: OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information

### Impact

Requests to an OpenSearch cluster configured with advanced access control features ([document level security (DLS)](https://opensearch.org/docs/latest/security-plugin/access-control/document-level-security/), [field level security (FLS)](https://opensearch.org/docs/latest/security-plugin/access-control/field-level-security/), and/or [field masking](https://opensearch.org/docs/latest/security-plugin/access-control/field-masking/)) will not be filtered when the query's search pattern matches an aliased index. OpenSearch Dashboards creates an alias to `.kibana` by default, so filters with the index pattern `*` that are meant to restrict access to documents or fields will not be applied. This issue allows requests to access sensitive information when customers have acted to restrict access to that specific information.

### Patches

OpenSearch 2.2.0+ contains the fix for this issue. OpenSearch Security Plugin 2.2.0.0 is compatible with OpenSearch 2.2.0.

### Workarounds

There is no recommende...

GHSA-78f9-745f-278p: Neo4j Graph apoc plugins Partial Path Traversal Vulnerability

### Impact

A partial directory traversal vulnerability was found in the `apoc.log.stream` function of the apoc plugins for the Neo4j Graph database. This issue allows a malicious actor to potentially break out of the expected directory. The impact is limited to sibling directories. For example, a check such as `userControlled.getCanonicalPath().startsWith("/usr/out")` will allow an attacker to access a directory with a name like `/usr/outnot`.

### Patches

Users should aim to use the latest released version compatible with their Neo4j version. The minimum versions containing the patch for this vulnerability are 4.4.0.8 and 4.3.0.7.

### Workarounds

If you cannot upgrade the library, you can control the [allowlist of the functions](https://neo4j.com/docs/operations-manual/current/reference/configuration-settings/#config_dbms.security.procedures.allowlist) that can be used in your system.

### For more information

If you have any questions or comments about this advisory: - Open an issue in [neo4j-apoc-procedures](https...

GHSA-xpp3-xrff-w6rh: rocksdb vulnerable to out-of-bounds read

Affected versions of this crate called the RocksDB C API `rocksdb_open_column_families_with_ttl()` with a pointer to a single integer TTL value, but one TTL value for each column family is expected. This is only relevant when using `rocksdb::DBWithThreadMode::open_cf_descriptors_with_ttl()` with multiple column families. This bug has been fixed in v0.19.0.

GHSA-cf6r-q678-f2p7: Cross-site Scripting in microweber

In Microweber prior to v1.3.1, the title parameter in the body of a POST request when creating or editing a category is vulnerable to stored cross-site scripting.

GHSA-33wh-w4m7-c6r8: update_by_case before 0.1.3 can be vulnerable to sql injection

Before version 0.1.3, the `update_by_case` gem built custom SQL strings that were not sanitized, making it vulnerable to SQL injection. Upgrade to version >= 0.1.3, which uses `Arel` instead to construct the resulting SQL statement with sanitized SQL.