juzaweb/cms Security Advisories for v3.4.2 (3)
-
[LOW] JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component
PKSA-wps7-nkwz-6pwr CVE-2025-6735 GHSA-rq7x-cfmc-rq3w
Affected version: <=3.4.2
Reported by:
GitHub -
[LOW] JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components
PKSA-byjd-fygk-s2j7 CVE-2025-6736 GHSA-mrph-pjv2-34f4
Affected version: <=3.4.2
Reported by:
GitHub -
[MEDIUM] juzaweb CMS allows cross-site scripting by uploading an SVG file
PKSA-wym3-mj3y-byq2 CVE-2025-5420 GHSA-49rr-34j5-r8mw
Affected version: <=3.4.2
Reported by:
GitHub