NPM: Apostrophe has stored XSS via javascript: URL in Image Widget Link

NPM: Apostrophe has stored XSS via javascript: URL in Image Widget Link vulnerability discovered by ? in WordPress Npm apostrophe versions 4.29.0...

Linux Distros Unpatched Vulnerability : CVE-2017-15427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping ...