Vulnerabilities > EZ > EZ Publish > 4.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-02 | CVE-2017-1000431 | Cross-site Scripting vulnerability in EZ Publish eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. | 4.3 |
2012-07-25 | CVE-2012-4053 | Cross-Site Request Forgery (CSRF) vulnerability in EZ Publish 4.1.0/4.2.0/4.3.0 Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 through 4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |