VYPR

Kirby CMS

by Getkirby

Source repositories

CVEs (3)

  • CVE-2018-14520MedAug 24, 2022
    risk 0.35cvss 5.4epss 0.01

    An issue was discovered in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages.

  • CVE-2018-14519MedAug 24, 2022
    risk 0.28cvss 4.3epss 0.00

    An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page.

  • CVE-2024-26484Feb 22, 2024
    risk 0.00cvss epss 0.00

    A stored cross-site scripting (XSS) vulnerability in the Edit Content Layout module of Kirby CMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Link field. NOTE: the vendor's position is that this issue did not affect any…