6.5CVSS
6.8AI Score
0.001EPSS
9.8CVSS
9.1AI Score
0.001EPSS
Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to...
6.5CVSS
6.3AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.002EPSS
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to...
5.4CVSS
5.3AI Score
0.001EPSS
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to...
4.3CVSS
4.5AI Score
0.001EPSS
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and...
4.9CVSS
5AI Score
0.001EPSS
6.5CVSS
6.3AI Score
0.001EPSS
6.5CVSS
6.6AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a result of an unrestricted file upload. This issue allows a user with “publisher” role to inject malicious JavaScript via the uploaded html...
5.4CVSS
5AI Score
0.001EPSS
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a...
5.4CVSS
5.7AI Score
0.001EPSS
In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction...
6.5CVSS
6.3AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS