Stored XSS on first/last name during setup

PKSA-vmyb-x3zz-fp3q

Affected version: <2.11.0

Reported by:
FriendsOfPHP/security-advisories

Tabnabbing when opening URI with menu "Open URI in a new tab"

PKSA-kr8c-3bqr-5ndv

Affected version: <2.11.0

Reported by:
FriendsOfPHP/security-advisories

Stored XSS in tags autocomplete dropdown

PKSA-wn13-bzpm-z2gp

Affected version: <2.11.0

Reported by:
FriendsOfPHP/security-advisories

E-mail HTML injection

PKSA-h8s8-nr9j-3cdp

Affected version: <2.7.0

Reported by:
FriendsOfPHP/security-advisories

Retrieval of HTTP-only cookies

PKSA-8vc7-g66q-cvn9

Affected version: <2.7.0

Reported by:
FriendsOfPHP/security-advisories

Remote code execution

PKSA-gk48-ycyg-4qfm

Affected version: <2.7.0

Reported by:
FriendsOfPHP/security-advisories

XSS in the url field on the password workspace grid and sidebar

PKSA-tsf2-twm1-cvv1 CVE-2017-1000442

Affected version: <1.6.5

Reported by:
FriendsOfPHP/security-advisories