CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
XSS
NVD
GitHub
CVSS 3.1
3.1
EPSS
0.4%
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
Octopus Server
NVD
CVSS 3.1
2.6
EPSS
0.2%