Security: lissy93/dashy
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
XSS in workspace url parameterGHSA-58mp-4qr3-vmrc published
Jun 14, 2026 by lissy93Low -
Unauthenticated SSRF via /cors-proxy and /status-check metadata bypassGHSA-9ccw-3f4f-c4w2 published
Jun 10, 2026 by lissy93Low -
Renaming .yml to .yaml in OIDC bypasses authGHSA-7v4p-jf7g-wpg7 published
Jun 4, 2026 by lissy93Low -
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in lissy93/dashyGHSA-2x3v-qmgm-r8hv published
Jun 4, 2026 by lissy93Moderate -
Users can write to config despire permissions (OIDC tested)GHSA-vjj9-fmvr-6h3p published
May 16, 2026 by lissy93High