AZL-35348 CVE-2023-3978 affecting package vitess for versions less than 19.0.4-2

Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack...

CVE-2020-15307

Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS in the web front end by leveraging the ability to create a custom field with a crafted field name...