Vulnerabilities > Sylius

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-27	CVE-2020-5220	Information Exposure vulnerability in Sylius Syliusresourcebundle Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. network low complexity sylius CWE-200	5.0
2020-01-27	CVE-2020-5218	HTTP Request Smuggling vulnerability in Sylius Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. network low complexity sylius CWE-444	4.0
2019-12-31	CVE-2019-12186	Cross-site Scripting vulnerability in Sylius Grid An issue was discovered in Sylius products. network sylius CWE-79	3.5
2019-12-05	CVE-2019-16768	Information Exposure Through an Error Message vulnerability in Sylius In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. network low complexity sylius CWE-209	4.0

Vulnerabilities > Sylius {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sylius"}]}