Potential Denial Of Service Via Update Release Links API
Insecure Storage of Session Key In Redis
Improper Access Expiration Date Validation
Cross-Site Scripting in Multiple Pages
Unauthorized Users Can View Custom Project Template
Cross-Site Scripting in SVG Image Preview
Incomplete Handling in Account Deletion
Insufficient Rate Limiting at Re-Sending Confirmation Email
Improper Type Check in GraphQL
To-dos Are Not Redacted When Membership Changes
Guest users can modify confidentiality attribute
Command injection on runner host
Insecure Runner Configuration in Kubernetes Environments