Summary
@actual-app/sync-server: Disabled OpenID users keep access through existing session tokens
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-7HW8-6Q6R-4276
Langflow: Logout button does not clear session
- MEDIUMGHSA-9JR3-RJ99-8JQ3
CoreWCF: SAML token replay protection is inoperative
- HIGHGHSA-WV27-2VQP-J7G5
Gogs has the ability to import local repositories via Mirror Settings
- HIGHGHSA-PWX3-QCGW-VH7H
Gogs Vulnerable to CSRF Leading to Organization Owner Takeover
- HIGHGHSA-P9F5-H3RX-J5QW
Gogs Missing Authorization in Attachment Download
- HIGHGHSA-JQ8V-RMF6-65JW
Gogs has Stored XSS in `.ipynb` Preview