getkirby/cms vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the getkirby/cms package. This does not include vulnerabilities belonging to this package’s dependencies.

| Severity | Vulnerability | Vulnerable Version |
| --- | --- | --- |
| M | Cross-site Scripting (XSS) | <3.6.6.5; >=3.7.0, <3.7.5.4; >=3.8.0, <3.8.4.3; >=3.9.0, <3.9.8.1; >=3.10.0, <3.10.0.1; >=4.0.0, <4.1.1 |
| M | Cross-site Scripting (XSS) | <3.6.6.5; >=3.7.0, <3.7.5.4; >=3.8.0, <3.8.4.3; >=3.9.0, <3.9.8.1; >=3.10.0, <3.10.0.1; >=4.0.0, <4.1.1 |
| M | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | >=0.0.0 |
| M | Cross-site Scripting (XSS) | >=4.0.0, <4.1.0 |
| M | Cross-site Scripting (XSS) | <3.5.8.3; >=3.6.0, <3.6.6.3; >=3.7.0, <3.7.5.2; >=3.8.0, <3.8.4.1; >=3.9.0, <3.9.6 |
| M | Allocation of Resources Without Limits or Throttling | <3.5.8.3; >=3.6.0, <3.6.6.3; >=3.7.0, <3.7.5.2; >=3.8.0, <3.8.4.1; >=3.9.0, <3.9.6 |
| H | Insufficient Session Expiration | <3.5.8.3; >=3.6.0, <3.6.6.3; >=3.7.0, <3.7.5.2; >=3.8.0, <3.8.4.1; >=3.9.0, <3.9.6 |
| H | Improper Neutralization | <3.5.8.3; >=3.6.0, <3.6.6.3; >=3.7.0, <3.7.5.2; >=3.8.0, <3.8.4.1; >=3.9.0, <3.9.6 |
| M | XML External Entity (XXE) Injection | <3.5.8.3; >=3.6.0, <3.6.6.3; >=3.7.0, <3.7.5.2; >=3.8.0, <3.8.4.1; >=3.9.0, <3.9.6 |
| M | Cross-site Scripting (XSS) | <2.3.3; >=2.4, <2.4.2; >=2.5, <2.5.7 |
| M | Information Exposure | >=3.5.0, <3.5.8.2; >=3.6.0, <3.6.6.2; >=3.7.0, <3.7.5.1; >=3.8.0, <3.8.1 |
| M | Information Exposure | >=3.5.0, <3.5.8.2; >=3.6.0, <3.6.6.2; >=3.7.0, <3.7.5.1; >=3.8.0, <3.8.1 |
| M | Cross-site Scripting (XSS) | <3.5.8.1 |
| M | Cross-site Scripting (XSS) | >=3.5.0, <3.5.8 |
| H | Cross-site Scripting (XSS) | >=3.5.0, <3.5.8 |
| M | Cross-site Scripting (XSS) | <3.5.7 |
| M | Arbitrary File Upload | >=3.0.0, <3.4.5 |
| L | Improper Access Control | <3.3.6 |