Vulnerabilities > SS Proj > Shirasagi > 1.17.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-46898 | Path Traversal vulnerability in Ss-Proj Shirasagi SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. | 7.5 |
| 2023-09-15 | CVE-2023-41889 | Improper Encoding or Escaping of Output vulnerability in Ss-Proj Shirasagi SHIRASAGI is a Content Management System. | 5.3 |
| 2023-09-05 | CVE-2023-36492 | Cross-site Scripting vulnerability in Ss-Proj Shirasagi Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product. | 6.1 |
| 2023-09-05 | CVE-2023-38569 | Cross-site Scripting vulnerability in Ss-Proj Shirasagi Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product. | 5.4 |
| 2023-09-05 | CVE-2023-39448 | Path Traversal vulnerability in Ss-Proj Shirasagi Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution. | 8.8 |