lavalite/cms Security Advisories for v5.4.0 (10)
-
[MEDIUM] LavaLite vulnerable to Cross Site Scripting
PKSA-4nfv-7qwv-ggym CVE-2023-30124 GHSA-h538-r9x6-rcmc
Affected version: <=9.0.0
Reported by:
GitHub -
[MEDIUM] LavaLite CMS vulnerable to host header injection attack
PKSA-g6vf-n3m4-m9qn CVE-2023-27237 GHSA-94q4-v5g6-qp7x
Affected version: <=9.0.0
Reported by:
GitHub -
[CRITICAL] LavaLite vulnerable to web cache poisoning
PKSA-zzjm-3hfj-k9w1 CVE-2023-27238 GHSA-6vcf-cfjp-qxcw
Affected version: <=9.0.0
Reported by:
GitHub -
[MEDIUM] LavaLite Stored Cross-site Scripting vulnerability
PKSA-sgqh-4k5h-rvw1 CVE-2020-36397 GHSA-3cfg-rxh6-h2rh
Affected version: <=5.8.0
Reported by:
GitHub -
[MEDIUM] Stored XSS in LavaLite 5.8.0
PKSA-qwt9-1zjj-dzfd CVE-2020-36395 GHSA-vv33-27jm-cvxq
Affected version: <5.8.0
Reported by:
GitHub -
[MEDIUM] Stored XSS in LavaLite 5.8.0
PKSA-t2vb-1jsx-c1m3 CVE-2020-36396 GHSA-gjf5-j475-p4g6
Affected version: <=5.8.0
Reported by:
GitHub -
[MEDIUM] Cross Site Scripting (XSS) in LavaLite 5.8.0
PKSA-q8mb-w3cv-hdtz CVE-2020-28124 GHSA-6r6h-vhg7-53x7
Affected version: <=5.8.0
Reported by:
GitHub -
[MEDIUM] Stored XSS in LavaLite 5.5
PKSA-cx4q-xnyk-1c4f CVE-2018-16551 GHSA-pxxp-283v-xpq5
Affected version: <5.5
Reported by:
GitHub -
[MEDIUM] Cross-site scripting in LavaLite-CMS
PKSA-qp76-stj4-b14w CVE-2020-23700 GHSA-592v-7frm-h44q
Affected version: <=5.8.0
Reported by:
GitHub -
[MEDIUM] Cross Site Scripting in LavaLite CMS
PKSA-qvkt-87b2-cwtc CVE-2020-23234 GHSA-v2f3-f8x4-m3w8
Affected version: <=5.8.0
Reported by:
GitHub