lavalite/cms Security Advisories for v8.1.2 (3)
-
[MEDIUM] LavaLite vulnerable to Cross Site Scripting
PKSA-4nfv-7qwv-ggym CVE-2023-30124 GHSA-h538-r9x6-rcmc
Affected version: <=9.0.0
Reported by:
GitHub -
[MEDIUM] LavaLite CMS vulnerable to host header injection attack
PKSA-g6vf-n3m4-m9qn CVE-2023-27237 GHSA-94q4-v5g6-qp7x
Affected version: <=9.0.0
Reported by:
GitHub -
[CRITICAL] LavaLite vulnerable to web cache poisoning
PKSA-zzjm-3hfj-k9w1 CVE-2023-27238 GHSA-6vcf-cfjp-qxcw
Affected version: <=9.0.0
Reported by:
GitHub