37 matches found

EUVD
added 2025/10/17 5:58 p.m., 1 view

EUVD-2025-34903

ezsystems/ezplatform-admin-ui has an XSS vulnerability in Cancel/Reschedule future publication modal...

5.9 AI score
Exploits: 0, References: 3
Github Security Blog
added 2024/12/02 6:37 p.m., 9 views

ezsystems/ezplatform-http-cache affected by Breach with Varnish VCL

Impact: This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix...

7.2 AI score
Exploits: 0, References: 8, Affected Software: 1
Veracode
added 2024/06/24 8:44 a.m., 7 views

Cross Site Scripting (XSS)

ezsystems/ezplatform-admin-ui is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient escaping of user-generated content within parts of the Admin UI, allowing attackers to inject malicious scripts that can then be executed within the context of other users' sessions o...

6.6 AI score
Exploits: 0
Veracode
added 2024/05/24 5:53 a.m., 8 views

Sensitive Information Disclosure

ezsystems/ezpublish-kernel is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the REST API potentially disclosing the names of all available site accesses...

6.8 AI score
Exploits: 0
Veracode
added 2024/05/24 5:44 a.m., 7 views

Remote Code Execution (RCE)

ezsystems/ezpublish-kernel is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper handling of file uploads, which can lead to remote code execution...

8.3 AI score
Exploits: 0
Veracode
added 2024/05/24 5:38 a.m., 6 views

Access Bypass

ezsystems/ezplatform is vulnerable to Access Bypass. The vulnerability is due to inadequate rewrite rules for blocking access to executable files in the var directory when using eZ Platform Cloud on Platform.sh...

7 AI score
Exploits: 0
Veracode
added 2024/05/20 7:25 a.m., 10 views

Object Injection

ezsystems/ezpublish-legacy is vulnerable to Object Injection. The vulnerability is in the Legacy Shop module, which allows an attacker with backend editor privileges to manipulate the discount rule settings...

7 AI score
Exploits: 0
Veracode
added 2024/05/20 6:31 a.m., 6 views

Sensitive Information Disclosure

ezsystems/repository-forms is vulnerable to Sensitive Information Disclosure. The vulnerability is caused by missing permission checks before allowing access to user data. Specifically, the system did not properly verify whether the user had the 'content' edit permissions, which allowed...

6.7 AI score
Exploits: 0
Veracode
added 2024/05/17 7:48 a.m., 8 views

Authentication Bypass

ezsystems/ezpublish-legacy is vulnerable to Authentication Bypass. The vulnerability is due to the standard login handler failing to verify passwords correctly in rare cases when using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler...

7.1 AI score
Exploits: 0
Veracode
added 2024/05/17 7:16 a.m., 10 views

Remote Code Execution

ezsystems is vulnerable to Remote Code Execution. The vulnerability is due to object injection in the SiteAccessMatchListener, which could lead to remote code execution (RCE)...

8.6 AI score
Exploits: 0
Github Security Blog
added 2024/05/15 9:14 p.m., 7 views

eZ Platform Admin UI Password reset vulnerability

This Security Update fixes a severe vulnerability in the eZ Platform Admin UI, and we recommend that you install it as soon as possible. It affects eZ Platform 2.x. The functionality for resetting a forgotten password is vulnerable to brute force attack. Depending on configuration and other...

7.3 AI score
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2024/05/15 9:14 p.m., 15 views

GHSA-2W9P-XXQR-H253 eZ Platform Object Injection in SiteAccessMatchListener

This Security Advisory is about an object injection vulnerability in the SiteAccessMatchListener of eZ Platform, which could lead to remote code execution (RCE), a very serious threat. All sites may be affected. Update: There are bugs introduced by this fix, particularly but not limited to compound...

8.3 AI score
Exploits: 0, References: 4
Github Security Blog
added 2024/05/15 9:14 p.m., 10 views

eZ Platform Object Injection in SiteAccessMatchListener

This Security Advisory is about an object injection vulnerability in the SiteAccessMatchListener of eZ Platform, which could lead to remote code execution (RCE), a very serious threat. All sites may be affected. Update: There are bugs introduced by this fix, particularly but not limited to compound...

8.3 AI score
Exploits: 0, References: 4, Affected Software: 1
Github Security Blog
added 2024/05/15 9:08 p.m., 52 views

eZ Platform Bundled jQuery affected by CVE-2019-11358

In eZ Platform 2.x, ezsystems/ezplatform-admin-ui-assets before v4.2.0 includes jQuery version 3.3.1. This version of jQuery is affected by the security vulnerability https://www.cvedetails.com/cve/CVE-2019-11358/ This is fixed in jQuery version 3.4. We recommend that you upgrade your...

6.1 CVSS, 6.3 AI score, 0.01532 EPSS
Exploits: 4, References: 4, Affected Software: 1
OSV
added 2024/05/15 9:07 p.m., 8 views

GHSA-XMP3-7745-G4VJ ezsystems/ez-support-tools Failing access control in system info view

This Security Advisory is about a vulnerability in ezsystems/ez-support-tools v2.2, part of Ibexa DXP v3.2. Older versions are not affected. A user having insufficient permissions is able to access the system information tabs if they type in the direct link (the link is not shown in the menu). The...

6.7 AI score
Exploits: 0, References: 3
Github Security Blog
added 2024/05/15 9:07 p.m., 12 views

ezsystems/ez-support-tools Failing access control in system info view

This Security Advisory is about a vulnerability in ezsystems/ez-support-tools v2.2, part of Ibexa DXP v3.2. Older versions are not affected. A user having insufficient permissions is able to access the system information tabs if they type in the direct link (the link is not shown in the menu). The...

6.7 AI score
Exploits: 0, References: 3, Affected Software: 1
Prion
added 2023/06/26 7:15 p.m., 12 views

Cross site scripting

Cross Site Scripting vulnerability in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf...

4.9 CVSS, 5.6 AI score, 0.0068 EPSS
Exploits: 0, References: 1, Affected Software: 2
Veracode
added 2023/03/21 4:52 a.m., 5 views

Privilege Escalation

ezsystems/ezpublish-kernel and ezsystems/ezplatform-kernel are vulnerable to Privilege Escalation. The vulnerability exists due to improper privilege management in the admin role, which allows an attacker to bypass the admin policy and assign any role to any user...

7.2 CVSS, 6.7 AI score, 0.00693 EPSS
Exploits: 0, References: 6, Affected Software: 2
OSV
added 2023/03/12 6:30 a.m., 14 views

GHSA-H5V2-WRHP-5V35 Access control issue in ezsystems/ezpublish-kernel

Access control based on object state is mishandled. This is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to...

9.8 CVSS, 9.4 AI score, 0.00428 EPSS
Exploits: 0, References: 4
Veracode
added 2022/12/01 3:38 a.m., 8 views

Privilege Escalation

ezsystems/ezplatform-admin-ui is vulnerable to privilege escalation. The vulnerability exists because the library does not properly handle the Company admin role, allowing an admin user to assign any role to any user...

3.5 AI score
Exploits: 0