GO-2026-4751 Zitadel is missing enforcement of organization scopes in github.com/zitadel/zitadel

Zitadel is missing enforcement of organization scopes in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...

CVE-2021-32831

Total.js framework npm package total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to code-injection. This c...