Vulnerabilities > Getkirby > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-24 | CVE-2022-39314 | Improper Restriction of Excessive Authentication Attempts vulnerability in Getkirby Kirby Kirby is a flat-file CMS. | 3.7 |
| 2021-11-16 | CVE-2021-41258 | Cross-site Scripting vulnerability in Getkirby Kirby Kirby is an open source file structured CMS. | 2.1 |
| 2021-11-16 | CVE-2021-41252 | Cross-site Scripting vulnerability in Getkirby Kirby Kirby is an open source file structured CMS ### Impact Kirby's writer field stores its formatted content as HTML code. | 2.1 |
| 2021-07-02 | CVE-2021-32735 | Cross-site Scripting vulnerability in Getkirby Kirby Kirby is a content management system. | 3.5 |
| 2021-04-27 | CVE-2021-29460 | Cross-site Scripting vulnerability in Getkirby Kirby Kirby is an open source CMS. | 3.5 |
| 2019-05-13 | CVE-2018-16623 | Cross-site Scripting vulnerability in Getkirby Kirby 2.5.12 Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the "Site options" in the admin panel dashboard dropdown. | 3.5 |
| 2019-05-13 | CVE-2018-16624 | Cross-site Scripting vulnerability in Getkirby Kirby 2.5.12 panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page. | 3.5 |
| 2018-12-28 | CVE-2018-16630 | Cross-site Scripting vulnerability in Getkirby Kirby 2.5.12 Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file. | 3.5 |
| 2018-12-04 | CVE-2018-16628 | Cross-site Scripting vulnerability in Getkirby Kirby 2.5.12 panel/login in Kirby v2.5.12 allows XSS via a blog name. | 3.5 |
| 2017-11-13 | CVE-2017-16807 | Cross-site Scripting vulnerability in Getkirby Panel A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file. | 3.5 |