[nocodb] Cross-site Scripting in NocoDB

Cross-site Scripting (XSS) – Stored in GitHub repository nocodb/nocodb prior to 0.91.9.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-2079
https://github.com/nocodb/nocodb/commit/362f8f0869989bc13bdcd66c6fc9c86ac79b9992
https://huntr.dev/bounti…

[strapi] Cross-site Scripting in Strapi

Strapi v3.x.x versions and earlier contain a stored cross-site scripting vulnerability in file upload function. By exploiting this vulnerability, an arbitrary script may be executed on the web browser of the user who is logging in to the product with t…