GHSA-3qhf-m339-9g5v: MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS

GHSA-j975-95f5-7wqh: MCP Python SDK has Unhandled Exception in Streamable HTTP Transport ,Leading to Denial of Service

GHSA-j4rj-fgcq-wmqp: Cockpit - Content Platform vulnerable to XSS through name or email argument names

GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext

GHSA-prmv-7r8c-794g: Citizen vulnerable to Stored XSS through short descriptions

All versions of package `jsgui-lang-essentials` are vulnerable to Prototype Pollution due to allowing all `Object` attributes to be altered, including their magical attributes such as `proto`, `constructor` and `prototype`.

**Prototype Pollution in jsgui-lang-essentials**

High severity GitHub Reviewed Published May 3, 2022 • Updated May 20, 2022

Headline

GHSA-p3pg-64pv-v7jg: Prototype Pollution in jsgui-lang-essentials

ghsa: Latest News