Vulnerabilities > Expressionengine > Expressionengine > 2.10.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-22 | CVE-2017-0897 | Insufficient Entropy vulnerability in Expressionengine ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. | 5.0 |