Filtered by vendor Getkirby
Subscribe
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16630 | 1 Getkirby | 1 Kirby | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file. | |||||
| CVE-2018-16627 | 1 Getkirby | 1 Kirby | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
| panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature. | |||||
| CVE-2018-16628 | 1 Getkirby | 1 Kirby | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| panel/login in Kirby v2.5.12 allows XSS via a blog name. | |||||
| CVE-2017-16807 | 1 Getkirby | 1 Panel | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file. | |||||