RubyGems package
spina
pkg:gem/spina
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-7106 | — | <= 2.18.0 | — | Jul 25, 2024 | A vulnerability classified as problematic was found in Spina CMS 2.18.0. Affected by this vulnerability is an unknown functionality of the file /admin/media_folders. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been di | ||
| CVE-2023-3445 | — | < 2.15.1 | 2.15.1 | Jun 28, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spina prior to 2.15.1. | ||
| CVE-2015-4619 | Hig | 8.8 | < 0.6.29 | 0.6.29 | Sep 7, 2017 | Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75. |
- CVE-2024-7106Jul 25, 2024affected <= 2.18.0
A vulnerability classified as problematic was found in Spina CMS 2.18.0. Affected by this vulnerability is an unknown functionality of the file /admin/media_folders. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been di
- CVE-2023-3445Jun 28, 2023affected < 2.15.1fixed 2.15.1
Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spina prior to 2.15.1.
- affected < 0.6.29fixed 0.6.29
Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75.