Xibosignage Xibo-cms
19 CVEs affecting Xibosignage Xibo-cms. Latest disclosed: 2026-05-12. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-29022 | High | 8.8 | 2024-04-12 | Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. In affected versions some request hea… |
CVE-2023-33177 | High | 8.8 | 2023-05-30 | Xibo is a content management system (CMS). A path traversal vulnerability exists in the Xibo CMS whereby a specially crafted zip file can be uploaded to the CM… |
CVE-2024-41802 | High | 8.1 | 2024-07-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsible for Filtering DataSets. T… |
CVE-2026-42141 | High | 7.7 | 2026-05-12 | Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Serv… |
CVE-2026-31952 | High | 7.6 | 2026-04-24 | Xibo is an open source digital signage platform with a web content management system and Windows display player software. Versions 1.7 through 4.4.0 have an SQ… |
CVE-2025-62369 | High | 7.2 | 2025-11-04 | Xibo is an open source digital signage platform with a web content management system (CMS). Versions 4.3.0 and below contain a Remote Code Execution vulnerabil… |
CVE-2024-29023 | High | 7.2 | 2024-04-12 | Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. Session tokens are exposed in the ret… |
CVE-2024-41944 | Medium | 6.5 | 2024-07-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the `report/data/proofofplayReport` API route inside the CMS. This… |
CVE-2024-41804 | Medium | 6.5 | 2024-07-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API route inside the CMS responsible for Adding/Editing DataSet… |
CVE-2023-33180 | Medium | 6.5 | 2023-05-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.2 in the `/display/… |
CVE-2023-33179 | Medium | 6.5 | 2023-05-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.5 in the `nameFilte… |
CVE-2023-33178 | Medium | 6.5 | 2023-05-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the `/dataset/data/{id}` API route inside the CMS starting in versi… |
CVE-2026-31953 | Medium | 6.4 | 2026-04-24 | Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting (XSS) v… |
CVE-2026-31955 | Medium | 4.9 | 2026-04-24 | Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request… |
CVE-2024-41803 | Medium | 4.9 | 2024-07-30 | Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsible for Filtering DataSets. T… |
CVE-2024-43412 | Medium | 4.6 | 2024-09-03 | Xibo is an open source digital signage platform with a web content management system (CMS). Prior to version 4.1.0, a cross-site scripting vulnerability in Xib… |
CVE-2026-31956 | Medium | 4.3 | 2026-04-24 | Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to version 4.4.1, any authentic… |
CVE-2023-33181 | Medium | 4.3 | 2023-05-30 | Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stack trace when called with miss… |
CVE-2024-43413 | Low | 3.5 | 2024-09-03 | Xibo is an open source digital signage platform with a web content management system (CMS). Prior to version 4.1.0, a cross-site scripting vulnerability in Xib… |