ezsystems/ezplatform-admin-ui Security Advisories (10)
-
[MEDIUM] ezsystems/ezplatform-admin-ui has an XSS vulnerability in Cancel/Reschedule future publication modal
PKSA-h4qf-qt17-8928 GHSA-99c7-c3mw-mxhv
Affected version: >=2.3.0,<2.3.39
Reported by:
GitHub -
[MEDIUM] Ibexa eZ Platform Admin UI XSS vulnerabilities in back office
PKSA-tjn8-n8gj-3xp3 GHSA-r7pm-mw8g-p7px
Affected version: >=2.3.0-beta1,<2.3.38
Reported by:
GitHub -
[MEDIUM] eZ Platform Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
PKSA-ymm8-s8yx-cf91 GHSA-gc5h-6jx9-q2qh
Affected version: >=3.3.0,<3.3.39
Reported by:
GitHub -
[HIGH] eZ Platform Admin UI Cross-site Scripting vulnerability
PKSA-gjf9-6vtv-jgpj GHSA-q73v-79x3-jv2w
Affected version: >=1.4.0,<1.4.4|>=1.3.0,<1.3.5
Reported by:
GitHub -
[HIGH] eZ Platform Password reset vulnerability
PKSA-zs94-4fzr-sfpn GHSA-cg84-55jx-4237
Affected version: >=1.4.0,<1.4.6
Reported by:
GitHub -
[CRITICAL] eZ Platform users with the Company admin role can assign any role to any user
PKSA-jxny-cxn1-wv1s GHSA-pcpm-vc4v-cmvx
Affected version: >=2.3.0,<2.3.26|>=1.5.0,<1.5.29
Reported by:
GitHub -
[CRITICAL] ezplatform-admin-ui vulnerable to Cross-Site Scripting (XSS)
PKSA-n7hv-2v7b-q6sp GHSA-58h5-h554-429q
Affected version: >=2.3.0,<2.3.26
Reported by:
GitHub -
[MEDIUM] ezplatform-admin-ui Cross-site Scripting (XSS) vulnerability
PKSA-5zsr-y194-ztv4 CVE-2019-12139 GHSA-99rh-vxmc-7wgf
Affected version: >=1.4,<1.4.4|>=1.3,<1.3.5
Reported by:
GitHub -
[MEDIUM] EZSA-2019-002 Password reset vulnerability
PKSA-j563-yyj4-r9s9 GHSA-9jp8-cwwx-p64q
Affected version: >=1.4.0,<1.4.6
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[MEDIUM] EZSA-2019-001 XSS in Admin UI
PKSA-g3qz-r7w1-gyzd GHSA-6v6p-g8cg-2hgg
Affected version: >=1.3.0,<1.3.5|>=1.4.0,<1.4.4
Reported by:
FriendsOfPHP/security-advisories, GitHub