ezsystems/ezplatform-admin-ui Security Advisories (4)
-
[CRITICAL] eZ Platform users with the Company admin role can assign any role to any user
PKSA-jxny-cxn1-wv1s GHSA-pcpm-vc4v-cmvx
Affected version: >=2.3.0,<2.3.26|>=1.5.0,<1.5.29
Reported by:
GitHub -
[CRITICAL] ezplatform-admin-ui vulnerable to Cross-Site Scripting (XSS)
PKSA-n7hv-2v7b-q6sp GHSA-58h5-h554-429q
Affected version: >=2.3.0,<2.3.26
Reported by:
GitHub -
[MEDIUM] EZSA-2019-002 Password reset vulnerability
PKSA-j563-yyj4-r9s9 GHSA-9jp8-cwwx-p64q
Affected version: >=1.4.0,<1.4.6
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[MEDIUM] EZSA-2019-001 XSS in Admin UI
PKSA-g3qz-r7w1-gyzd GHSA-6v6p-g8cg-2hgg
Affected version: >=1.3.0,<1.3.5|>=1.4.0,<1.4.4
Reported by:
FriendsOfPHP/security-advisories, GitHub