Security Advisories - craftcms/cms

craftcms/cms Security Advisories for 2.6.2903 (18)

[MEDIUM] Craft CMS Feed-Me

PKSA-yq9g-7wmy-ph9w CVE-2023-36260 GHSA-6p78-f7h9-6838

Affected version: <4.6.2

Reported by:
GitHub
[MEDIUM] Craft CMS vulnerable to HTML injection

PKSA-htxf-m811-km69 CVE-2023-33495 GHSA-m3v5-gjj9-rg24

Affected version: <=4.4.9

Reported by:
GitHub
[HIGH] CraftCMS allows remote attacker to execute arbitrary code via crafted script to Section parameter

PKSA-2kbt-tv7g-v7px CVE-2023-30130 GHSA-fjx5-xm7q-whvj

Affected version: <=3.8.1

Reported by:
GitHub
[MEDIUM] Cross Site Scripting in CraftCMS

PKSA-t4fh-cwff-qj8q CVE-2023-30177 GHSA-wv7j-rc2q-9j67

Affected version: <3.7.68

Reported by:
GitHub
[MEDIUM] Craft CMS Cross-site Scripting Vulnerability

PKSA-ngqg-qdtb-rm3d CVE-2020-19626 GHSA-33jj-92px-m4g7

Affected version: <3.1.33

Reported by:
GitHub
[CRITICAL] Craft CMS possibility of brute force attempts

PKSA-1y5n-q5z7-8cgs CVE-2019-15929 GHSA-wvr4-w6cw-4px8

Affected version: <3.1.7

Reported by:
GitHub
[MEDIUM] Craft CMS XSS Vulnerability

PKSA-5swg-jxtx-ftv4 CVE-2019-17496 GHSA-f3xr-q258-h7m9

Affected version: <3.3.8

Reported by:
GitHub
[MEDIUM] Craft CMS XSS Vulnerability

PKSA-fv5t-gxkj-6y82 CVE-2019-12823 GHSA-w5q4-q7wp-qww6

Affected version: <3.1.31

Reported by:
GitHub
[MEDIUM] Craft CMS XSS Vulnerability

PKSA-kq4p-4cmz-my81 CVE-2017-8052 GHSA-xv5f-2997-qhrq

Affected version: <2.6.2974

Reported by:
GitHub
[MEDIUM] Craft CMS XSS Vulnerability

PKSA-ghfb-4pk5-qhrj CVE-2017-8384 GHSA-9mcw-mwxv-grwj

Affected version: <2.6.2976

Reported by:
GitHub
[MEDIUM] Craft CMS XSS Vulnerability

PKSA-gpt3-vsnf-hfrt CVE-2017-9516 GHSA-6pvw-hh48-jx7p

Affected version: <2.6.2982

Reported by:
GitHub
[MEDIUM] Craft CMS Unauthorized View

PKSA-3cvb-x36b-p3nr CVE-2017-8383 GHSA-7qq6-fgpw-xw45

Affected version: <2.6.2976

Reported by:
GitHub
[HIGH] Improper account password reset in Craft CMS

PKSA-61st-bdmf-2n6s CVE-2022-29933 GHSA-5cjr-78cq-3wrg

Affected version: <3.7.36

Reported by:
GitHub
[LOW] XSS Injection Vulnerability

PKSA-6kk8-kc6h-1vr1 GHSA-wf98-vxv9-jqfv

Affected version: <3.7.29

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in craftcms/cms

PKSA-1ktx-1md2-qf47 CVE-2022-28378 GHSA-7xj5-fwqr-5378

Affected version: <3.7.29

Reported by:
GitHub
[MEDIUM] Craft CMS Cross-site Scripting Vulnerability

PKSA-n1f2-zc53-b6z3 CVE-2021-32470 GHSA-h2rj-8wgg-mm43

Affected version: <3.6.13

Reported by:
GitHub
[CRITICAL] Craft CMS Remote Code Injection

PKSA-fqry-snd1-rj28 CVE-2021-27903 GHSA-x2j7-6hxm-87p3

Affected version: <3.6.7

Reported by:
GitHub
[MEDIUM] Craft CMS Cross-site Scripting Vulnerability

PKSA-p8kz-63g9-6c6r CVE-2021-27902 GHSA-3jxh-789f-p7m6

Affected version: <3.6.0

Reported by:
GitHub

craftcms/cms Security Advisories for 2.6.2903 (18)

[MEDIUM] Craft CMS Feed-Me

[MEDIUM] Craft CMS vulnerable to HTML injection

[HIGH] CraftCMS allows remote attacker to execute arbitrary code via crafted script to Section parameter

[MEDIUM] Cross Site Scripting in CraftCMS

[MEDIUM] Craft CMS Cross-site Scripting Vulnerability

[CRITICAL] Craft CMS possibility of brute force attempts

[MEDIUM] Craft CMS XSS Vulnerability

[MEDIUM] Craft CMS XSS Vulnerability

[MEDIUM] Craft CMS XSS Vulnerability

[MEDIUM] Craft CMS XSS Vulnerability

[MEDIUM] Craft CMS XSS Vulnerability

[MEDIUM] Craft CMS Unauthorized View

[HIGH] Improper account password reset in Craft CMS

[LOW] XSS Injection Vulnerability

[MEDIUM] Cross-site Scripting in craftcms/cms

[MEDIUM] Craft CMS Cross-site Scripting Vulnerability

[CRITICAL] Craft CMS Remote Code Injection

[MEDIUM] Craft CMS Cross-site Scripting Vulnerability