forkcms/forkcms Security Advisories for 5.9.3 (7)
-
[MEDIUM] ForkCMS XSS via `end_date` parameter
PKSA-gzj1-sq51-b9s2 CVE-2022-35590 GHSA-pw4j-r69m-rrr5
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] ForkCMS XSS via `publish_on_time` parameter
PKSA-n4yt-knmn-s8xc CVE-2022-35589 GHSA-q4qv-3x58-rxmh
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] ForkCMS XSS via `publish_on_date` parameter
PKSA-z936-j7mw-h3k3 CVE-2022-35587 GHSA-65wf-qm95-6mhm
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] ForkCMS stored XSS via `start_date` parameter
PKSA-fqv6-v114-nkms CVE-2022-35585 GHSA-9hmc-87h4-w869
Affected version: <5.11.0
Reported by:
GitHub -
[HIGH] SQL Injection in Fork CMS
PKSA-wk4s-rmxz-dbgt CVE-2022-1064 GHSA-rr8m-29g8-8cgc
Affected version: <5.11.1
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in Fork CMS
PKSA-38vq-ycs8-6zr5 CVE-2022-0145 GHSA-qf2g-q4mc-w7rr
Affected version: <5.11.1
Reported by:
GitHub -
[HIGH] SQL Injection in Fork CMS
PKSA-xtsw-1wrv-q72h CVE-2022-0153 GHSA-q863-cchm-c6c6
Affected version: <5.11.1
Reported by:
GitHub