oro/platform Security Advisories for 4.1.0-rc3 (3)
-
[HIGH] OroPlatform vulnerable to path traversal during temporary file manipulations
PKSA-t2jj-zmdx-jdvv CVE-2022-41951 GHSA-9v3j-4j64-p937
Affected version: >=5.0.0,<5.0.8|>=4.2.0,<=4.2.10|>=4.1.0,<=4.1.13
Reported by:
GitHub -
[MEDIUM] XSS vulnerability on email template preview page
PKSA-bqcb-rj59-qx4d CVE-2021-41236 GHSA-qv7g-j98v-8pp7
Affected version: >=4.2.0,<4.2.8|>=4.1.0,<4.1.14|>=3.1.0,<3.1.21
Reported by:
GitHub -
[MEDIUM] Client-Side JavaScript Prototype Pollution in oro/platform
PKSA-qwvx-stpf-9hr2 CVE-2021-43852 GHSA-jx5q-g37m-h5hj
Affected version: >=4.2.0,<4.2.8|>=4.1.0,<4.1.14
Reported by:
GitHub