Filtered by vendor Getkirby
Subscribe
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16623 | 1 Getkirby | 1 Kirby | 2019-05-13 | 3.5 LOW | 4.8 MEDIUM |
| Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown. | |||||
| CVE-2018-16630 | 1 Getkirby | 1 Kirby | 2019-02-26 | 3.5 LOW | 4.8 MEDIUM |
| Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file. | |||||
| CVE-2018-16627 | 1 Getkirby | 1 Kirby | 2019-02-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature. | |||||
| CVE-2018-16628 | 1 Getkirby | 1 Kirby | 2019-02-26 | 3.5 LOW | 5.4 MEDIUM |
| panel/login in Kirby v2.5.12 allows XSS via a blog name. | |||||