Vulnerabilities > Omeka
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-28 | CVE-2023-4560 | Unspecified vulnerability in Omeka S Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4. | 6.5 |
2023-08-28 | CVE-2023-4561 | Cross-site Scripting vulnerability in Omeka S Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4. | 4.8 |
2023-08-04 | CVE-2023-4157 | Injection vulnerability in Omeka S CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3. | 4.8 |
2023-08-04 | CVE-2023-4158 | Unspecified vulnerability in Omeka S Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3. | 5.4 |
2023-08-04 | CVE-2023-4159 | Unspecified vulnerability in Omeka S Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3. | 8.8 |
2023-07-27 | CVE-2023-3980 | Unspecified vulnerability in Omeka Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2. | 4.8 |
2023-07-27 | CVE-2023-3981 | Server-Side Request Forgery (SSRF) vulnerability in Omeka Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2. | 4.9 |
2023-07-27 | CVE-2023-3982 | Unspecified vulnerability in Omeka Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2. | 4.8 |
2021-07-23 | CVE-2021-26799 | Cross-site Scripting vulnerability in Omeka Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
2018-07-07 | CVE-2018-13423 | Cross-site Scripting vulnerability in Omeka admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag. | 6.1 |