-
-
Notifications
You must be signed in to change notification settings - Fork 346
Security: alfio-event/alf.io
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
preloaded data as json is not escaped correctlyGHSA-mcx6-25f8-8rqw published
Sep 6, 2024 by cbelloneLow -
Bypassing promo code limitations with race conditionsGHSA-67jg-m6f3-473g published
Sep 6, 2024 by cbelloneHigh -
IDOR Vulnerability: Allowing Organization Owner to view the other Organizations API KEY and USERSGHSA-ffr5-g3qg-gp4f published
Feb 16, 2024 by cbelloneHigh -
IDOR make user can read e-mail log sent by other eventsGHSA-5wcv-pjc6-mxvv published
Feb 16, 2024 by cbelloneHigh -
User sessions are not properly terminatedGHSA-8p6m-mm22-q893 published
Feb 16, 2024 by cbelloneHigh -
Cross-Site Scripting (XSS) via File UploadGHSA-gpmg-8f92-37cf published
Feb 16, 2024 by cbelloneLow