Publicly disclosed security vulnerabilities

I have responsibly reported several security vulnerabilities; some of the public ones are listed below.

• XSS in django-gravatar2: Fixed in 1.4.5 (2024)

• Stored XSS via integration of external issues in Sentry: CVE-2024-41656 (2024)

• XSS in django-allauth: Fixed in 0.63.6 (2024)

• XSS in django-impersonate: Fixed in 1.9.3 and 1.9.4 (2024)

• Login CSRF in the SAML implementation of django-allauth: Fixed in 0.63.3 (2024)

• Cross site scripting on beta dashboard in Read the Docs: GHSA-8v7c-r4x6-h796 (2024)

• Denial of service via regular expression in Django Wiki: CVE-2024-28865 (2024)

• CAS session takeover in Read the Docs for Business: GHSA-pw32-ffxw-68rh (2024)

• XSS in search integrations when including search results from malicious projects in Read the Docs: GHSA-qhqx-5j25-rv48 (2024)

• Creation of integrations for any project in Read the Docs: GHSA-45hq-g76r-46wv (2023)

• Arbitrary command execution on Windows in Vim: CVE-2023-4736 (2023)

• Untrusted search path on Windows systems leading to arbitrary code execution in GitPython: CVE-2023-40590 (2023)

• Blind local file inclusion in GitPython: CVE-2023-41040 (2023)

• Arbitrary write to files from builder server in Read the Docs: GHSA-v7x4-rhpg-3p2r (2023)

• Write access to projects via API V2 for any logged-in user in Read the Docs: GHSA-rqfv-8rrx-prmh (2023)

• CAS session hijacking in Read the Docs for Businesses: GHSA-4mgr-vrh5-hj8q (2023)

• Serving content from pull requests previews on main docs domains in Read the Docs: GHSA-h4cf-8gv8-4chf (2023)

• Cache poisoning: serving arbitrary content on documentation sites in Read the Docs: GHSA-mp38-vprc-7hf5 (2023)

• Arbitrary code execution when using treesitter with injections in Neovim: GHSA-6f9m-hj8h-xjgj (2023)

• Path traversal: access to files from any project in Read the Docs: GHSA-5w8m-r7jm-mhp9 (2023)

• Symlink following: arbitrary file access from builder server in Read the Docs: GHSA-hqwg-gjqw-h5wg (2023)

• Cache poisoning in Read the Docs: GHSA-7fcx-wwr3-99jv (2023)

• Arbitrary command execution in simple-git: CVE-2022-25860 (2022)

• Symlink following: arbitrary file access from builder server in Read the Docs: GHSA-368m-86q9-m99w (2022)

• Allow serving of arbitrary HTML files from the main domain in Read the Docs: GHSA-98pf-gfh3-x3mp (2022)

• CSRF from documentation domains in Read the Docs: GHSA-3v5m-qmm9-3c6c (2021)

• Serving arbitrary files in domains of other projects in Read the Docs: https://docs.readthedocs.io/en/stable/security.html#release-2-3-0 (2018)