yourls/yourls Security Advisories (7)
-
[HIGH] YOURLS is vulnerable to XSS through JSONP and Callback request parameters
PKSA-qpkp-f36z-t666 GHSA-6mp4-q625-mxjp
Affected version: <=1.10.2
Reported by:
GitHub -
[MEDIUM] YOURLS Stored Cross Site Scripting (XSS)
PKSA-yx3w-8qkc-85rh CVE-2020-27388 GHSA-pwgg-r6fq-mf94
Affected version: >=1.5,<1.8
Reported by:
GitHub -
[LOW] Cross-Site Request Forgery in YOURLS
PKSA-bwby-7ss8-8rky CVE-2022-0088 GHSA-gx7g-wjxg-jwwj
Affected version: <=1.8.2
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in yourls
PKSA-wdxt-49vt-x72z CVE-2021-3783 GHSA-cpq8-x35g-m439
Affected version: <=1.8.2
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in yourls
PKSA-tbtr-2rkw-yvnv CVE-2021-3785 GHSA-m9fq-c9hp-59g7
Affected version: <1.8.2
Reported by:
GitHub -
[MEDIUM] Improper Restriction of Rendered UI Layers or Frames in yourls
PKSA-ds9p-gn9y-hv4j CVE-2021-3734 GHSA-r6g8-jmj9-g945
Affected version: <=1.8.1
Reported by:
GitHub -
[CRITICAL] Access of Resource Using Incompatible Type ('Type Confusion') in yourls/yourls
PKSA-zrvm-1zc1-qn96 CVE-2019-14537 GHSA-vf23-f26f-mjj9
Affected version: <1.7.4
Reported by:
GitHub