Remote Code Execution
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.
Advisories for Golang/Github.com/Ansible-Semaphore/Semaphore package
2023
Ansible Semaphore mishandles authentication
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication.