prod

Ibexa OSS 4.6

3 vulnerabilities in 3 packages has been found

6 abandonned packages has been found



Last analyse : 11 hours ago share

No result.

3 vulnerabilities in 3 packages has been found


medium  Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Affected versions : >=4.6.0-beta1,<4.6.9
Patched versions : 4.6.9 https://github.com/advisories/GHSA-qm44-wjm2-pr59


high  Persistent Cross-site Scripting in Ibexa RichText Field Type
Affected versions : >=4.6.0,<4.6.10
Patched versions : 4.6.10 https://github.com/advisories/GHSA-hvcf-6324-cjh7


high  Twig has a possible sandbox bypass
Affected versions : >=3.0.0,<3.14.0|>=2.0.0,<2.16.1|>=1.0.0,<1.44.8
Patched versions : 1.44.8 2.16.1 3.14.0 https://github.com/advisories/GHSA-6j75-5wfj-gh66
Your version is Ibexa 4.6 sort
Your version is Symfony 5.4 sort
Your version is Php 7.4 sort