RSS   Vulnerabilities for 'Symphony'   RSS

2021-10-31
 
CVE-2020-25912

CWE-611
 

 
A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).

 
2020-10-07
 
CVE-2020-25343

CWE-79
 

 
Cross-site scripting (XSS) vulnerabilities in Symphony CMS 3.0.0 allow remote attackers to inject arbitrary web script or HTML to fields['body'] param via events\event.publish_article.php

 
2018-06-07
 
CVE-2018-12043

CWE-79
 

 
content/content.blueprintspages.php in Symphony 2.7.6 has XSS via the pages content page.

 

 >>> Vendor: Getsymphony 2 Products
Symphony
Symphony cms


Copyright 2024, cxsecurity.com

 

Back to Top