sulu/sulu Security Advisories for 2.3.7 (4)
-
[MEDIUM] Sulu grants access to pages regardless of role permissions
PKSA-ykzr-rw85-c27h CVE-2024-27915 GHSA-jr83-m233-gg6p
Affected version: >=2.5.0-alpha1,<2.5.13|>=2.2.0,<2.4.17
Reported by:
GitHub -
[LOW] Sulu HTML Injection via Autocomplete Suggestion
PKSA-1zxy-qsnv-h3z4 CVE-2024-24807 GHSA-gfrh-gwqc-63cv
Affected version: >=2.5.0,<2.5.12|>=2.0.0,<2.4.16
Reported by:
GitHub -
[HIGH] Privilege escalation in the Sulu Admin panel
PKSA-drhk-rjxy-c79p CVE-2021-43835 GHSA-84px-q68r-2fc9
Affected version: =2.4.0-RC1|>=2.3.0,<=2.3.7|>=2.0.0,<=2.2.17
Reported by:
GitHub -
[HIGH] PHP file inclusion in the Sulu admin panel
PKSA-vy6d-prcg-w42z CVE-2021-43836 GHSA-vx6j-pjrh-vgjh
Affected version: =2.4.0-RC1|>=2.3.0,<2.3.8|>=2.0.0,<2.2.18|<1.6.44
Reported by:
GitHub