Server Side Request Forgery (SSRF) vulnerability
27 March, 2025
Unauthenticated DoubleExtension Arbitrary File Upload vulnerability
19 August, 2024
Unauthenticated Sensitive Information Exposure vulnerability
11 June, 2024
Broken Access Control vulnerability
25 April, 2024
Authenticated (Contributor+) Stored CrossSite Scripting via Widgets vulnerability
2 April, 2024