VYPR

Packagist (Composer) package

symphonycms/symphony-2

pkg:composer/symphonycms/symphony-2

Vulnerabilities (2)

  • CVE-2015-8766MedJan 8, 2016
    affected < 2.6.4fixed 2.6.4

    Multiple cross-site scripting (XSS) vulnerabilities in content/content.systempreferences.php in Symphony CMS before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) email_sendmail[from_name], (2) email_sendmail[from_address], (3) email_smtp[from_nam

  • CVE-2011-4340Feb 12, 2012
    affected < 2.2.4fixed 2.2.4

    Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/cont