Vulnerabilities > EZ > EZ Publish > 4.3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-02 | CVE-2017-1000431 | Cross-site Scripting vulnerability in EZ Publish eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. | 4.3 |
2012-10-06 | CVE-2012-1565 | Security vulnerability in eZ Publish Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference. | 7.5 |
2012-07-25 | CVE-2012-4053 | Cross-Site Request Forgery (CSRF) vulnerability in EZ Publish 4.1.0/4.2.0/4.3.0 Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 through 4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |