Francoisjacquet Rosariosis vulnerabilities

CVE-2023-2665 [HIGH] CWE-921 CVE-2023-2665: Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.

CVE-2023-2202 [MEDIUM] CWE-284 CVE-2023-2202: Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3. Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3.

CVE-2023-0994 [HIGH] CWE-200 CVE-2023-0994: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosa Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository francoisjacquet/rosariosis prior to 10.8.2.

CVE-2022-2714 [CRITICAL] CWE-130 CVE-2022-2714: Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.

CVE-2022-3072 [MEDIUM] CWE-79 CVE-2022-3072: Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3. Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 8.9.3.

CVE-2022-2067 [CRITICAL] CWE-89 CVE-2022-2067: SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0. SQL Injection in GitHub repository francoisjacquet/rosariosis prior to 9.0.

CVE-2022-2036 [MEDIUM] CWE-79 CVE-2022-2036: Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.1. Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.1.

CVE-2022-1997 [MEDIUM] CWE-79 CVE-2022-1997: Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0. Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.