ReadForm can allocate a large number of short-lived buffers, further increasing pressure on the garbage collector. This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. Prior to versions 1.13.1 and 1.20.4, lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access. An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate privileges via the id and keywords parameter(s). An issue was discovered in libbzip3.a in bzip3 before 1.2.3. Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the