-
# Itsourcecode "Payroll Management System" in PHP 1.0 "login.php" SQL injection
# NAME OF AFFECTED PRODUCT(S)
+ Payroll Management System
## Vendor Homepage
+ https://itsourcecode.com/free-projec…
-
**Describe the bug**
When I run a security scan against a Java application that includes a log injection vulnerability (https://docs.aws.amazon.com/codeguru/detector-library/java/log-injection/), the…
-
Rendering un-sanitised HTML via `@html` is a potential XSS (cross-site scripting) vulnerability if that HTML is provided by a user. Consider removing support of html toast messages in favour of svelte…
-
When I install the latest `@upsetjs/venn.js`, GitHub complains about a rollup security advisory
https://github.com/rollup/rollup/security/advisories/GHSA-gcx4-mw62-g8wm
**To Reproduce**
npm i…
-
### Is this a possible security vulnerability?
- [X] This is NOT a possible security vulnerability
### Describe the bug
[PolarisApplicationConfig](https://github.com/apache/polaris/blob/cc58730a0c6…
-
There is an `Axios Cross-Site Request Forgery Vulnerability` dependency in the `@analytics/segment` plugin.
Dependabot is stating: `@analytics/segment@1.1.3 requires axios@^0.21.1 via a transitive …
-
### Describe the bug
@loopback/rest triggers a critical security vulnerability due to strong-error-handler's dependency on [ejs](https://github.com/mde/ejs).
The vulnerability is currently [disput…
-
**Describe the bug**
Since we moved to sonar 10 and dependency check plugin 5, critical CVEs don't seem to be taken as "high impact on security", but only "medium impact". On the previous version, ha…