thinkcmf/thinkcmf Security Advisories for 5.0-RC4 (5)
-
[MEDIUM] ThinkCMF Cross-site Scripting Vulnerability
PKSA-25jc-skwc-418t CVE-2020-25915 GHSA-4847-gqxx-v9xp
Affected version: <5.1.7
Reported by:
GitHub -
[HIGH] ThinkCMF Cross Site Request Forgery (CSRF) vulnerability
PKSA-5gts-xk32-3z9f CVE-2022-40489 GHSA-6xw3-cpqj-8mxr
Affected version: <6.0.8
Reported by:
GitHub -
[MEDIUM] ThinkCMF Stored Cross-Site Scripting (XSS)
PKSA-8j24-hmmb-s5br CVE-2022-40849 GHSA-m9mf-rqx6-2xpc
Affected version: <6.0.8
Reported by:
GitHub -
[MEDIUM] Incorrect Authorization in thinkcmf
PKSA-n19v-r1t7-nz7f CVE-2021-40616 GHSA-v25c-8349-v2q3
Affected version: <=5.1.7
Reported by:
GitHub -
[MEDIUM] ThinkCMF Cross Site Request Forgerly (CSRF) vulnerability
PKSA-mk69-nwc6-yt4m CVE-2020-18151 GHSA-842m-vp3r-qwwr
Affected version: <6.0.8
Reported by:
GitHub