winter/wn-backend-module Security Advisories for v1.1.7 (2)
-
[LOW] Winter CMS Local File Inclusion through Server Side Template Injection
PKSA-jmfx-ybbt-h9sn CVE-2023-52085 GHSA-2x7r-93ww-cxrq
Affected version: <1.2.4
Reported by:
GitHub -
[LOW] Winter CMS Stored XSS through Backend ColorPicker FormWidget
PKSA-bqyd-f44h-g5jx CVE-2023-52084 GHSA-43w4-4j3c-jx29
Affected version: <1.2.4
Reported by:
GitHub