Vulnerabilities > Torchbox
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-19 | CVE-2023-45809 | Information Exposure Through Log Files vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 2.7 |
2023-04-03 | CVE-2023-28836 | Unspecified vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 5.4 |
2023-04-03 | CVE-2023-28837 | Unspecified vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 4.9 |
2022-01-18 | CVE-2022-21683 | Information Exposure vulnerability in Torchbox Wagtail Wagtail is a Django based content management system focused on flexibility and user experience. | 4.3 |
2021-06-17 | CVE-2021-32681 | Unspecified vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 5.4 |
2021-04-19 | CVE-2021-29434 | Unspecified vulnerability in Torchbox Wagtail Wagtail is a Django content management system. | 4.8 |
2020-07-20 | CVE-2020-15118 | Cross-site Scripting vulnerability in Torchbox Wagtail In Wagtail before versions 2.7.4 and 2.9.3, when a form page type is made available to Wagtail editors through the `wagtail.contrib.forms` app, and the page template is built using Django's standard form rendering helpers such as form.as_p, any HTML tags used within a form field's help text will be rendered unescaped in the page. | 5.4 |
2020-04-30 | CVE-2020-11037 | Race Condition vulnerability in Torchbox Wagtail 2.8/2.8.1 In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. | 4.7 |
2020-04-14 | CVE-2020-11001 | Unspecified vulnerability in Torchbox Wagtail In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XSS) vulnerability exists on the page revision comparison view within the Wagtail admin interface. | 6.8 |