[HIGH] OpenSTAManager Affected by Remote Code Execution via Insecure Deserialization in OAuth2

PKSA-7wd8-5d3q-gt4k CVE-2026-29782 GHSA-whv5-4q2f-q68g

Affected version: <=2.10.1

Reported by:
GitHub

[HIGH] OpenSTAManager has a Time-Based Blind SQL Injection via `options[stato]` Parameter

PKSA-84pv-3jy7-8y8y CVE-2026-28805 GHSA-3gw8-3mg3-jmpc

Affected version: <=2.10.1

Reported by:
GitHub