getkirby/cms
packagist · The Kirby core · Repository · Package
Moderate Security Advisories for getkirby/cms in packagist Clear Filters
Moderate
5 months ago
Kirby vulnerable to path traversal of collection names during file system lookup
packagist
getkirby/cms
Moderate
over 1 year ago
Kirby vulnerable to Cross-site scripting (XSS) in the link field "Custom" type
packagist
getkirby/cms
Moderate
over 1 year ago
Kirby vulnerable to self cross-site scripting (self-XSS) in the URL field
packagist
getkirby/cms
Moderate
over 1 year ago
Kirby vulnerable to unrestricted file upload of user avatar images
packagist
getkirby/cms
Moderate
about 2 years ago
XML External Entity (XXE) vulnerability in the XML data handler
packagist
getkirby/cms
Moderate
about 2 years ago
Cross-site scripting (XSS) from MIME type auto-detection of uploaded files
packagist
getkirby/cms
Moderate
almost 3 years ago
Kirby CMS vulnerable to user enumeration in the brute force protection
packagist
getkirby/cms
Moderate
almost 3 years ago
Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms
packagist
getkirby/cms
Moderate
about 3 years ago
Cross-site scripting from dynamic options in the multiselect field
packagist
getkirby/cms
Moderate
almost 4 years ago
Cross-site scripting (XSS) from image block content in the site frontend
packagist
getkirby/cms
Moderate
almost 4 years ago
Cross-site scripting (XSS) from writer field content in the site frontend
packagist
getkirby/cms
Moderate
over 4 years ago
Kirby .dev domains and some reverse proxy setups were treated as local
packagist
getkirby/cms, getkirby/panel
Moderate
almost 5 years ago
Kirby Panel users could upload PHP Phar archives as content files before v2.5.14 and v3.4.5
packagist
getkirby/cms, getkirby/panel