sulu/sulu Security Advisories for 1.6.37 (3)
-
[HIGH] PHP file inclusion in the Sulu admin panel
PKSA-vy6d-prcg-w42z CVE-2021-43836 GHSA-vx6j-pjrh-vgjh
Affected version: =2.4.0-RC1|>=2.3.0,<2.3.8|>=2.0.0,<2.2.18|<1.6.44
Reported by:
GitHub -
[MEDIUM] Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu
PKSA-gccp-7sgc-fjvt CVE-2021-41169 GHSA-h58v-g3q6-q9fx
Affected version: <1.6.43
Reported by:
GitHub -
[MEDIUM] XSS Injection in Media Collection Title was possible
PKSA-7zp7-xygz-tgfc CVE-2021-32737 GHSA-gm2x-6475-g9r8
Affected version: <1.6.41
Reported by:
GitHub