Packagist (Composer) package
getkirby/kirby
pkg:composer/getkirby/kirby
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-30159 | — | < 3.9.8.3 | 3.9.8.3 | May 13, 2025 | Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `snippet()` helper or `$kirby->snippet()` method with a dynamic snippet name (such as a snippet name that depends on request o | ||
| CVE-2018-16630 | — | <= 2.5.12 | — | Dec 28, 2018 | Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file. |
- CVE-2025-30159May 13, 2025affected < 3.9.8.3fixed 3.9.8.3
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `snippet()` helper or `$kirby->snippet()` method with a dynamic snippet name (such as a snippet name that depends on request o
- CVE-2018-16630Dec 28, 2018affected <= 2.5.12
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.