20 matches found

Snyk
added 2026/04/30 9:3 p.m. | 0 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization due to inconsistent permission checks for pages.access, pages.list, files.access, and files.list in the Panel and REST API. An attacker can gain unauthorized access to content or sensitive information by exploiting...

CVSS 7.1 | AI score 5.8 | EPSS 0.0001
Exploits 0 | References 3
Veracode
added 2026/04/25 5:29 a.m. | 7 views

Server-Side Template Injection (SSTI)

getkirby/cms is vulnerable to Server-Side Template Injection (SSTI). The vulnerability is due to improper enforcement of page status permissions during page creation through the REST API, which allows an attacker to create published pages directly and bypass the intended editorial workflow...

CVSS 8.1 | AI score 5.8 | EPSS 0.00033
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2025/12/13 6:9 a.m. | 2 views

Cross-site Scripting (XSS)

getkirby/cms is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper sanitization of user-controlled fields such as page titles or usernames displayed in the "Changes" dialog, which allows an attacker to inject malicious code that executes when another authenticated user...

CVSS 5.4 | AI score 5.9 | EPSS 0.00025
Exploits 0 | References 5 | Affected Software 1
Veracode
added 2025/05/16 2:36 a.m. | 6 views

Arbitrary File Access

getkirby/cms is vulnerable to Arbitrary File Access. The vulnerability is due to missing path traversal checks in the snippet() helper or the $kirby->snippet() method when used with dynamic snippet names, allowing attackers to access and execute arbitrary PHP files on the server...

CVSS 9.1 | AI score 7.3 | EPSS 0.00869
Exploits 1 | References 7 | Affected Software 2
Veracode
added 2025/05/15 7:27 a.m. | 8 views

Path Traversal

getkirby/cms is vulnerable to Path Traversal. The vulnerability is due to a lack of validation in the router to ensure that requested files are within the document root, allowing access checks on files outside the intended directory when using PHP’s built-in server...

CVSS 7.5 | AI score 7 | EPSS 0.00593
Exploits 0 | References 7 | Affected Software 1
Veracode
added 2025/05/15 6:31 a.m. | 5 views

Path Traversal

getkirby/cms is vulnerable to Path Traversal. The vulnerability is due to a missing path traversal check on dynamic collection names used in the collection() helper or the $kirby->collection() method, which allows attackers to manipulate the collection path to access and execute files outside the intended...

CVSS 9.1 | AI score 6.8 | EPSS 0.00771
Exploits 0 | References 7 | Affected Software 1
Veracode
added 2024/02/27 9:34 a.m. | 15 views

Cross-site Scripting (XSS)

getkirby/cms is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to insufficient validation and sanitization of the URL input, allowing attackers to execute arbitrary JavaScript code in the user's context by embedding a malicious javascript: URL in the link target of a link button...

CVSS 4.7 | AI score 6.9 | EPSS 0.00098
Exploits 1 | References 5 | Affected Software 1
Github Security Blog
added 2024/02/26 5:19 p.m. | 34 views

Kirby vulnerable to self cross-site scripting (self-XSS) in the URL field

TL;DR: This vulnerability affects Kirby sites that use the URL field in any blueprint. A successful attack commonly requires knowledge of the content structure by the attacker as well as social engineering of a user with access to the Panel. The attack cannot be automated. The vulnerability is als...

CVSS 4.7 | AI score 6.3 | EPSS 0.00098
Exploits 1 | References 4 | Affected Software 1
Veracode
added 2023/07/31 9:41 a.m. | 20 views

Denial of Service (DoS)

getkirby/cms is vulnerable to Denial of Service. The vulnerability exists in the validatePassword function in User.php because it does not limit the password length, which can cause CPU and memory resource exhaustion when hashing if the attacker submits a password that's the max size of a...

CVSS 7.5 | AI score 6.9 | EPSS 0.00131
Exploits 0 | References 11 | Affected Software 1
Veracode
added 2023/07/31 7:51 a.m. | 17 views

Insufficient Session Expiration

getkirby/cms is vulnerable to Insufficient Session Expiration. The vulnerability exists because web sessions are not properly expired, which permits an attacker to reuse old session credentials or session IDs for authorization...

CVSS 7.3 | AI score 6.8 | EPSS 0.00207
Exploits 0 | References 11 | Affected Software 1
Veracode
added 2023/07/31 7:34 a.m. | 20 views

Improper Neutralization

getkirby/cms is vulnerable to Improper Neutralization. The vulnerability exists in the decode function in Txt.php due to a field injection bug in the content storage implementation, which allows an attacker to inject malicious data or code...

CVSS 8.8 | AI score 7.1 | EPSS 0.00093
Exploits 0 | References 11 | Affected Software 1
Veracode
added 2023/07/31 6:55 a.m. | 21 views

XML External Entity (XXE)

getkirby/cms is vulnerable to XML External Entity (XXE) injection. The vulnerability exists due to a lack of data handler validation in the parse function in Xml.php, which allows an attacker to submit a malicious XML file, resulting in an arbitrary file being read on the target system...

CVSS 10 | AI score 6.8 | EPSS 0.20373
Exploits 0 | References 11 | Affected Software 1
Veracode
added 2023/07/31 6:19 a.m. | 24 views

Cross-site Scripting (XSS)

getkirby/cms is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the file function in Response.php due to the MIME auto-detection of uploaded files, which allows an attacker to upload a file with an arbitrary MIME type and inject arbitrary scripts...

CVSS 5.7 | AI score 6.5 | EPSS 0.00188
Exploits 0 | References 11 | Affected Software 1
Veracode
added 2022/08/30 4:1 a.m. | 29 views

Cross-site Scripting (XSS)

getkirby/cms is vulnerable to Cross-site Scripting (XSS). The use of the v-html directive in MultiselectInput.vue allows an attacker to inject and execute malicious JavaScript through the dynamic options in the multi-select field...

CVSS 5.9 | AI score 5.5 | EPSS 0.00598
Exploits 0 | References 3 | Affected Software 1
OSV
added 2022/08/19 12:0 a.m. | 17 views

GHSA-4M2G-668V-JWJX Cross site scripting in getkirby/starterkit

A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVSS 5.4 | AI score 5.2 | EPSS 0.00188
Exploits 1 | References 4
Veracode
added 2021/11/17 5:43 a.m. | 18 views

Cross-site Scripting (XSS)

getkirby/kirby is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the lack of writer field sanitization, allowing an attacker to execute malicious JavaScript in the browser...

CVSS 7.3 | AI score 5.6 | EPSS 0.00785
Exploits 0 | References 4 | Affected Software 2
Veracode
added 2021/11/17 2:26 a.m. | 16 views

Cross-site Scripting (XSS)

getkirby/kirby is vulnerable to cross-site scripting. The library does not properly escape HTML special characters, allowing an attacker to inject and execute malicious JavaScript...

CVSS 7.3 | AI score 4.2 | EPSS 0.00914
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2021/04/28 1:31 a.m. | 15 views

Cross-Site Scripting (XSS)

getkirby/cms is vulnerable to cross-site scripting. An attacker with write access to the Kirby Panel may upload an SVG file that contains malicious...

CVSS 7.6 | AI score 2.3 | EPSS 0.0112
Exploits 4 | References 3 | Affected Software 1
CVE
added 2020/12/08 1:15 a.m. | 74 views

CVE-2020-26253

CVE-2020-26253 affects Kirby CMS (getkirby/cms) versions prior to 3.3.6 and Kirby Panel prior to 2.5.14, where the admin panel could be accessible when hosted on a .dev domain. The root cause is an installation block that treated .dev domains as local (and potentially failed behind a reverse prox...

CVSS 6.8 | AI score 5.6 | EPSS 0.00161
Exploits 0 | References 5 | Affected Software 2
Veracode
added 2018/12/31 7:26 a.m. | 13 views

Cross-site Scripting (XSS)

getkirby/kirby is vulnerable to cross-site scripting (XSS). The vulnerability is possible due to incorrect file validation via the "site files" Add option while uploading an SVG file...

CVSS 4.8 | AI score 5.1 | EPSS 0.00235
Exploits 1 | References 3 | Affected Software 1