Vulnerabilities > Luya
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-01 | CVE-2022-1544 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Luya Yii-Helpers Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. | 6.8 |
| 2018-10-15 | CVE-2018-18259 | Cross-site Scripting vulnerability in Luya CMS 1.0.12 Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page. | 4.3 |