Overview · factionsecurity/faction · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Stored XSS in Remediation Verification Attachment Filename Preview Rendering
GHSA-x3fm-rrxj-rg66 published May 5, 2026 by summitt

High
Stored XSS in Assessment Attachment Filename Preview Rendering
GHSA-f2jc-wx44-mr54 published May 5, 2026 by summitt

High
Unauthenticated Read, Modify, and Delete of Boilerplate Templates
GHSA-7cv6-h22r-2qf2 published May 5, 2026 by summitt

Critical
Unauthenticated Custom Extension Upload leads to RCE
GHSA-xr72-2g43-586w published Nov 25, 2025 by summitt

Critical
Authentication Bypass via User Creation
GHSA-97cv-f342-v2jc published Mar 2, 2025 by summitt

High

Learn more about advisories related to factionsecurity/faction in the GitHub Advisory Database