sylius/sylius Security Advisories for v1.12.7 (2)
-
[MEDIUM] Sylius has potential Cross Site Scripting vulnerability via the "Province" field in the Checkout and Address Book
PKSA-nsc4-mbdg-1r18 CVE-2024-29376 GHSA-7prj-9ccr-hr3q
Affected version: >=1.13.0-alpha.1,<1.13.1|>=1.12.0-alpha.1,<1.12.16
Reported by:
GitHub -
[LOW] Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel
PKSA-dg69-7wty-b2d6 CVE-2024-34349 GHSA-v2f9-rv6w-vw8r
Affected version: >=1.13.0-alpha.1,<1.13.1|>=1.12.0-alpha.1,<1.12.16
Reported by:
GitHub