Vulnerabilities > Sulu

DATE CVE VULNERABILITY TITLE RISK
2024-10-03 CVE-2024-47617 Cross-site Scripting vulnerability in Sulu 2.5.20/2.6.4
Sulu is a PHP content management system.
network
low complexity
sulu CWE-79
6.1
2024-10-03 CVE-2024-47618 Cross-site Scripting vulnerability in Sulu
Sulu is a PHP content management system.
network
low complexity
sulu CWE-79
5.4
2024-06-06 CVE-2024-37156 Cross-site Scripting vulnerability in Sulu Suluformbundle
The SuluFormBundle adds support for creating dynamic forms in Sulu Admin.
network
low complexity
sulu CWE-79
6.1
2024-02-05 CVE-2024-24807 Cross-site Scripting vulnerability in Sulu
Sulu is a highly extensible open-source PHP content management system based on the Symfony framework.
network
low complexity
sulu CWE-79
4.8
2023-08-04 CVE-2023-39343 Unspecified vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
low complexity
sulu
4.3
2021-12-15 CVE-2021-43836 Unspecified vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
low complexity
sulu
8.8
2021-10-21 CVE-2021-41169 Unspecified vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
low complexity
sulu
4.8
2021-07-02 CVE-2021-32737 Cross-site Scripting vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
low complexity
sulu CWE-79
4.8
2020-08-05 CVE-2020-15132 Information Exposure Through an Error Message vulnerability in Sulu
In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address.
network
low complexity
sulu CWE-209
5.3
2018-01-09 CVE-2017-1000465 Cross-site Scripting vulnerability in Sulu Sulu-Standard 1.6.6
Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code.
network
low complexity
sulu CWE-79
5.4