Skip to content

issues Search Results · language:Dune language:TypeScript language:PHP language:HTML language:JavaScript linked:pr

Filter by

6M results  (571 ms)

6M results

SandeepVashishtha/Eventra
bug(utils): fix pagination freeze and URL parameter pollution in buildPaginatedUrl

Describe the bug The buildPaginatedUrl utility in eventFetchUtils.js suffers from a URL Parameter Pollution vulnerability. Because it relies on raw string concatenation ( page=x size=y), it blindly appends ...
bug
  • enoshdev
  • 1
  • Opened 
    1 minute ago
  • #5701

SandeepVashishtha/Eventra
CSRF protection missing on state-changing endpoints

State-changing endpoints lack CSRF token validation allowing cross-site request forgery attacks.
  • Srushti-Kamble14
  • 1
  • Opened 
    5 minutes ago
  • #5699

SandeepVashishtha/Eventra
Concurrent waitlist promotion causes duplicate registrations and overbooking

Admin promotion and automatic promotion run in parallel causing event capacity to be exceeded.
  • Srushti-Kamble14
  • 1
  • Opened 
    5 minutes ago
  • #5698

SandeepVashishtha/Eventra
Event reminder cron job fails silently for 30+ days

No error notifications when cron fails, causing 1000s of users to miss event reminders.
  • Srushti-Kamble14
  • 1
  • Opened 
    5 minutes ago
  • #5697

SandeepVashishtha/Eventra
Concurrent payment processing causes duplicate charges

Rapid button clicks trigger multiple payment requests, both succeed and charge user twice.
  • Srushti-Kamble14
  • 1
  • Opened 
    5 minutes ago
  • #5696

SandeepVashishtha/Eventra
Admin endpoints lack authorization checks allowing permission escalation

Regular users can access and modify organization settings without proper authorization.
  • Srushti-Kamble14
  • 1
  • Opened 
    5 minutes ago
  • #5695

SandeepVashishtha/Eventra
SSR hydration mismatch causing visual instability on event details

Server and client render different HTML causing flickering and layout shifts.
  • Srushti-Kamble14
  • 1
  • Opened 
    6 minutes ago
  • #5694

SandeepVashishtha/Eventra
security(utils): patch SSRF protocol-relative bypass and parameter pollution in githubApiClient

Describe the bug The buildGitHubProxyUrl utility contains two critical SSRF (Server-Side Request Forgery) injection vectors that could allow an attacker to steal backend API tokens or access unauthorized ...
bug
  • enoshdev
  • 1
  • Opened 
    6 minutes ago
  • #5693

SandeepVashishtha/Eventra
Webhook delivery failures with no retry mechanism

Event webhooks fail silently with no retries. Notifications never reach external services.
  • Srushti-Kamble14
  • 1
  • Opened 
    6 minutes ago
  • #5692

SandeepVashishtha/Eventra
Database connection pool exhaustion during high-traffic events

Peak traffic exhausts connection pool causing cascading failures and Too many connections errors.
  • Srushti-Kamble14
  • 1
  • Opened 
    6 minutes ago
  • #5691
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! Restrict your search to the title by using the in:title qualifier.
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! Restrict your search to the title by using the in:title qualifier.