[ad_1]
Hi @pautgn ,
Absolutely, we can definitely provide more context. Specific details aren’t public at this time (for obvious reasons, though more information will be available in 2 weeks), but we can point you in the right direction about impact.
One is related to a redirect, where users could potentially be tricked into visiting an unexpected site from a link on your site. This could only be done by a user that’s logged in to your site and they would have to intentionally target a specific unpublished URL. The other has to do with how permissions are checked for an API. They are considered “Medium” severity.
Certainly we recommend updating to the latest version, but you do have time to test.