CVE-2022-1782

Cross-site Scripting (XSS) - Generic in GitHub repository erudika/para prior to v1.45.11.

CVE-2022-1848

Business Logic Errors in GitHub repository erudika/para prior to 1.45.11.

CVE-2025-49009

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access t...

CVE-2025-48955

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 exposes both access and secret keys in logs without redaction. These credentials are later reused in variable assignments for persistence but do not require l...