Thexerteproject Xerteonlinetoolkits
4 CVEs affecting Thexerteproject Xerteonlinetoolkits. Latest disclosed: 2026-04-22. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-34415 | Critical | 9.8 | 2026-04-22 | Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP… |
CVE-2026-34413 | High | 8.6 | 2026-04-22 | Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/conne… |
CVE-2026-34414 | High | 7.1 | 2026-04-22 | Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/conn… |
CVE-2026-41459 | Medium | 5.3 | 2026-04-22 | Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full serv… |