idno/known Security Advisories for 1.0.0-rc.3 (4)
- [MEDIUM] Known v1.3.1 contains Insecure Direct Object Reference
PKSA-wh9k-vr98-538j CVE-2022-30852 GHSA-4v4p-87m3-5423
Affected version: <=1.3.1
Reported by: GitHub
- [MEDIUM] Known v1.3.1 Cross-site Scripting
PKSA-zgyh-1rg4-xjdv CVE-2022-31290 GHSA-g688-7j3c-h9f3
Affected version: <=1.3.1
Reported by: GitHub
- [MEDIUM] Known vulnerable to code execution via SVG file in v1.3.1
PKSA-57ft-y47z-krcm CVE-2022-32115 GHSA-5jgj-h9wp-53fr
Affected version: <=1.3.1
Reported by: GitHub
- [HIGH] Known vulnerable to account takeover via host header injection attack in v1.3.1
PKSA-tkg9-wjbk-frr2 CVE-2022-33011 GHSA-p757-4v3p-j74f
Affected version: <=1.3.1
Reported by: GitHub