Filtered by vendor Publify Project
Subscriptions
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3211 | 1 Publify Project | 1 Publify | 2024-08-06 | 7.5 High |
| Publify before 8.0.1 is vulnerable to a Denial of Service attack | ||||
| CVE-2021-25974 | 1 Publify Project | 1 Publify | 2024-08-03 | 5.4 Medium |
| In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article. | ||||
| CVE-2021-25975 | 1 Publify Project | 1 Publify | 2024-08-03 | 5.4 Medium |
| In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a result of an unrestricted file upload. This issue allows a user with “publisher” role to inject malicious JavaScript via the uploaded html file. | ||||
| CVE-2021-25973 | 1 Publify Project | 1 Publify | 2024-08-03 | 6.5 Medium |
| In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction only. | ||||
| CVE-2022-2815 | 1 Publify Project | 1 Publify | 2024-08-03 | 6.5 Medium |
| Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2022-1812 | 1 Publify Project | 1 Publify | 2024-08-03 | 9.8 Critical |
| Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2022-1810 | 1 Publify Project | 1 Publify | 2024-08-03 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9. | ||||
| CVE-2022-1811 | 1 Publify Project | 1 Publify | 2024-08-03 | 5.4 Medium |
| Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9. | ||||
| CVE-2022-1553 | 1 Publify Project | 1 Publify | 2024-08-03 | 4.9 Medium |
| Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users. | ||||
| CVE-2022-0574 | 1 Publify Project | 1 Publify | 2024-08-02 | 6.5 Medium |
| Improper Access Control in GitHub repository publify/publify prior to 9.2.8. | ||||
| CVE-2022-0524 | 1 Publify Project | 1 Publify | 2024-08-02 | 7.5 High |
| Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. | ||||
| CVE-2022-0578 | 1 Publify Project | 1 Publify | 2024-08-02 | 6.5 Medium |
| Code Injection in GitHub repository publify/publify prior to 9.2.8. | ||||
| CVE-2023-0569 | 1 Publify Project | 1 Publify | 2024-08-02 | 6.5 Medium |
| Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2023-0299 | 1 Publify Project | 1 Publify | 2024-08-02 | 9.8 Critical |
| Improper Input Validation in GitHub repository publify/publify prior to 9.2.10. | ||||
Page 1 of 1.