#git

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field.

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field.

OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field.

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field.

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number.

OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field.

Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission Management.

git-urls version 1.0.1 is vulnerable to ReDOS (Regular Expression Denial of Service) in Go package.

git-urls version 1.0.1 is vulnerable to ReDOS (Regular Expression Denial of Service) in Go package.

Cross Site Scripting (XSS) vulnerability in LimeSurvey before version 6.2.9-230925 allows a remote attacker to escalate privileges via a crafted script to the _generaloptions_panel.php component.