craftcms/cms Security Advisories for 5.0.4 (2)
-
[MEDIUM] Craft CMS vulnerable to stored XSS in breadcrumb list and title fields
PKSA-8qn2-9hhy-cmx1 CVE-2024-45406 GHSA-28h4-788g-rh42
Affected version: >=5.0.0,<5.1.2
Reported by:
GitHub -
[MEDIUM] Craft CMS Allows TOTP Token To Stay Valid After Use
PKSA-56qm-r9zg-vprk CVE-2024-41800 GHSA-wmx7-pw49-88jx
Affected version: >=5.0.0-beta.1,<=5.2.2
Reported by:
GitHub