verbb/comments Security Advisories for 1.0.6.1 (3)
-
[MEDIUM] Comments plugin Cross-Site Request Forgery (CSRF)
PKSA-bnp7-gf12-mw88 CVE-2020-13868 GHSA-4r8c-pj7x-m5jx
Affected version: <1.5.5
Reported by:
GitHub -
[MEDIUM] Comments plugin stored Cross-site Scripting via a guest name
PKSA-hz67-888x-89v4 CVE-2020-13869 GHSA-jhhf-c849-3rh2
Affected version: <1.5.5
Reported by:
GitHub -
[MEDIUM] Comments plugin stored Cross-site Scripting (XSS) via an asset volume name
PKSA-sp9y-x9kf-mmtw CVE-2020-13870 GHSA-69ww-wv3j-mhg4
Affected version: <1.5.5
Reported by:
GitHub