ezsystems/ezplatform Security Advisories for v2.5.0-rc2 (3)
-
EZSA-2019-006 Rules to disable executable access are ignored on Platform.sh (eZ Cloud)
Affected version: >=2.5.0,<2.5.4|>=1.13.0,<1.13.5.1|>=1.7.0,<1.7.9.1
Reported by:
FriendsOfPHP/security-advisories -
EZSA-2019-007 Prevent accepting app.php in URL in Platform.sh
Affected version: >=2.5.0,<2.5.4|>=1.13.0,<1.13.5.1|>=1.7.0,<1.7.9.1
Reported by:
FriendsOfPHP/security-advisories -
[HIGH] EZSA-2019-004 CSRF token in login form is disabled by default
PKSA-t91s-b3w1-3n4m GHSA-2rh5-jvgx-pgw3
Affected version: >=2.5.0,<2.5.4
Reported by:
FriendsOfPHP/security-advisories, GitHub