Vulnerabilities > Sulu > Sulu > 1.6.22

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-43836 Path Traversal vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
low complexity
sulu CWE-22
6.5
6.5
2021-10-21 CVE-2021-41169 Cross-site Scripting vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
sulu CWE-79
3.5
3.5
2021-07-02 CVE-2021-32737 Cross-site Scripting vulnerability in Sulu
Sulu is an open-source PHP content management system based on the Symfony framework.
network
sulu CWE-79
3.5
3.5
2020-08-05 CVE-2020-15132 Information Exposure Through an Error Message vulnerability in Sulu
In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address.
network
low complexity
sulu CWE-209
5.0
5.0