contao/core-bundle Security Advisories for 4.13.2 (3)
-
[MEDIUM] Cross site scripting via input unit widget
PKSA-kc45-s13v-qqqk CVE-2023-36806 GHSA-4gpr-p634-922x
Affected version: >=5.0.0,<5.1.10|>=4.10.0,<4.13.28|>=4.0.0,<4.9.42
Reported by:
GitHub -
Directory traversal vulnerability in the file manager
PKSA-wth6-rm9c-yh3w CVE-2023-29200
Affected version: >=4.9.0,<4.9.40|>=4.13.0,<4.13.21|>=5.1.0,<5.1.4
Reported by:
FriendsOfPHP/security-advisories -
[HIGH] Cross site scripting via canonical URL
PKSA-jc9p-83z1-zst8 CVE-2022-24899 GHSA-m8x6-6r63-qvj2
Affected version: >=4.13.0,<4.13.3
Reported by:
FriendsOfPHP/security-advisories, GitHub