Vulnerabilities > Torchbox

DATE CVE VULNERABILITY TITLE RISK
2023-10-19 CVE-2023-45809 Information Exposure Through Log Files vulnerability in Torchbox Wagtail
Wagtail is an open source content management system built on Django.
network
low complexity
torchbox CWE-532
2.7
2023-04-03 CVE-2023-28836 Unspecified vulnerability in Torchbox Wagtail
Wagtail is an open source content management system built on Django.
network
low complexity
torchbox
5.4
2023-04-03 CVE-2023-28837 Unspecified vulnerability in Torchbox Wagtail
Wagtail is an open source content management system built on Django.
network
low complexity
torchbox
4.9
2022-01-18 CVE-2022-21683 Information Exposure vulnerability in Torchbox Wagtail
Wagtail is a Django based content management system focused on flexibility and user experience.
network
low complexity
torchbox CWE-200
4.3
2021-06-17 CVE-2021-32681 Unspecified vulnerability in Torchbox Wagtail
Wagtail is an open source content management system built on Django.
network
low complexity
torchbox
5.4
2021-04-19 CVE-2021-29434 Unspecified vulnerability in Torchbox Wagtail
Wagtail is a Django content management system.
network
low complexity
torchbox
4.8
2020-07-20 CVE-2020-15118 Cross-site Scripting vulnerability in Torchbox Wagtail
In Wagtail before versions 2.7.4 and 2.9.3, when a form page type is made available to Wagtail editors through the `wagtail.contrib.forms` app, and the page template is built using Django's standard form rendering helpers such as form.as_p, any HTML tags used within a form field's help text will be rendered unescaped in the page.
network
low complexity
torchbox CWE-79
5.4
2020-04-30 CVE-2020-11037 Race Condition vulnerability in Torchbox Wagtail 2.8/2.8.1
In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls.
local
high complexity
torchbox CWE-362
4.7
2020-04-14 CVE-2020-11001 Unspecified vulnerability in Torchbox Wagtail
In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XSS) vulnerability exists on the page revision comparison view within the Wagtail admin interface.
network
low complexity
torchbox
6.8