Vulnerabilities > Torchbox > Wagtail > 2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-19 | CVE-2023-45809 | Information Exposure Through Log Files vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 2.7 |
| 2023-04-03 | CVE-2023-28837 | Allocation of Resources Without Limits or Throttling vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 4.9 |
| 2021-06-17 | CVE-2021-32681 | Cross-site Scripting vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 3.5 |
| 2020-07-20 | CVE-2020-15118 | Cross-site Scripting vulnerability in Torchbox Wagtail In Wagtail before versions 2.7.4 and 2.9.3, when a form page type is made available to Wagtail editors through the `wagtail.contrib.forms` app, and the page template is built using Django's standard form rendering helpers such as form.as_p, any HTML tags used within a form field's help text will be rendered unescaped in the page. | 3.5 |
| 2020-04-14 | CVE-2020-11001 | Cross-site Scripting vulnerability in Torchbox Wagtail In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XSS) vulnerability exists on the page revision comparison view within the Wagtail admin interface. | 3.5 |