Packagist (Composer) package

austintoddj/canvas

pkg:composer/austintoddj/canvas

Vulnerabilities (2)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2017-1000507		—		<= 3.4.2	—	Feb 9, 2018	Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulnerability in User's details that can result in denial of service and execution of javascript code.
CVE-2017-8298	Med	5.4		—	—	Apr 27, 2017	cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a "Posts > Add New" action, and during creation of new tags and users.

CVE-2017-1000507Feb 9, 2018
affected <= 3.4.2
Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulnerability in User's details that can result in denial of service and execution of javascript code.
CVE-2017-8298MedApr 27, 2017
cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a "Posts > Add New" action, and during creation of new tags and users.