croogo/croogo Security Advisories for v2.2.4 (7)
-
[MEDIUM] Cross site scripting in Croogo
PKSA-212y-8c1h-nf5y CVE-2017-1000510 GHSA-r4h9-gv2m-9x97
Affected version: <4.0.0
Reported by:
GitHub -
[MEDIUM] Croogo vulnerable to XSS in title field
PKSA-x9tb-73dz-nghd CVE-2019-7169 GHSA-wr5c-4f2h-28m6
Affected version: <=3.0.5
Reported by:
GitHub -
[MEDIUM] Croogo vulnerable to XSS in title field
PKSA-jzzz-t7ck-sgt6 CVE-2019-7171 GHSA-v6q8-8wgx-8hm7
Affected version: <=3.0.5
Reported by:
GitHub -
[MEDIUM] Croogo vulnerable to XSS in title field
PKSA-tsqh-mp1n-s47g CVE-2019-7170 GHSA-36pq-cjh9-fv46
Affected version: <3.0.7
Reported by:
GitHub -
[MEDIUM] Croogo vulnerable to XSS in Blog field
PKSA-zqqm-mtg5-7fdn CVE-2019-7168 GHSA-9f9r-w3xq-f722
Affected version: <=3.0.5
Reported by:
GitHub -
[HIGH] Unrestricted Upload of File with Dangerous Type in Croogo
PKSA-fz3z-kwtb-ws2g CVE-2021-44673 GHSA-4pww-fqgh-36hj
Affected version: <=3.0.2
Reported by:
GitHub -
[LOW] Croos-site scripting in Croogo
PKSA-wzw7-wywp-78t4 CVE-2019-20789 GHSA-jfvf-rfmq-qwf8
Affected version: <3.0.7
Reported by:
GitHub