2 matches found
PT-2022-10521 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: Feehi CMS versions 2.1.1 and earlier. Description: The issue allows attackers to run arbitrary code via the user name field of the "/login" API endpoint. This is a Cross-Site Scripting (XSS) issue, which means attackers can inject malicious...
SUSE-SU-2018:3928-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: Security issue fixed: - CVE-2018-16468: Fixed XSS by removing the svg animate attribute from the allowlist bsc1113969...