Publify_project Publify
13 CVEs affecting Publify_project Publify. Latest disclosed: 2023-01-29. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-0299 | Critical | 9.8 | 2023-01-14 | Improper Input Validation in GitHub repository publify/publify prior to 9.2.10. |
CVE-2022-1812 | Critical | 9.8 | 2023-01-14 | Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. |
CVE-2022-0524 | High | 7.5 | 2022-02-08 | Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. |
CVE-2023-0569 | Medium | 6.5 | 2023-01-29 | Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. |
CVE-2022-2815 | Medium | 6.5 | 2023-01-14 | Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10. |
CVE-2022-0578 | Medium | 6.5 | 2022-05-16 | Code Injection in GitHub repository publify/publify prior to 9.2.8. |
CVE-2022-0574 | Medium | 6.5 | 2022-05-16 | Improper Access Control in GitHub repository publify/publify prior to 9.2.8. |
CVE-2021-25973 | Medium | 6.5 | 2021-11-02 | In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happen… |
CVE-2022-1811 | Medium | 5.4 | 2022-05-23 | Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9. |
CVE-2021-25975 | Medium | 5.4 | 2021-11-10 | In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a result of an unrestricted file upload. This issue allows a user with “publisher” role to… |
CVE-2021-25974 | Medium | 5.4 | 2021-11-10 | In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while… |
CVE-2022-1553 | Medium | 4.9 | 2022-05-16 | Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vul… |
CVE-2022-1810 | Medium | 4.3 | 2022-05-23 | Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9. |