14 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization inconsistent permission checks for pages.access, pages.list, files.access, and files.list in the Panel and REST API. An attacker can gain unauthorized access to content or sensitive information by exploiting...
Server-Side Template Injection (SSTI)
getkirby/cms is vulnerable to Server-Side Template Injection SSTI. The vulnerability is due to improper enforcement of page status permissions during page creation through the REST API, which allows an attacker to create published pages directly and bypass the intended editorial workflow...
Cross-site Scripting (XSS)
getkirby/cms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of user-controlled fields such as page titles or usernames displayed in the "Changes" dialog, which allows an attacker to inject malicious code that executes when another authenticated user...
Arbitrary File Access
getkirby/cms is vulnerable to Arbitrary File Access. The vulnerability is due to missing path traversal checks in the snippet helper or $kirby-snippet method when used with dynamic snippet names, allowing attackers to access and execute arbitrary PHP files on the server...
Path Traversal
getkirby/cms is vulnerable to Path Traversal. The vulnerability is due to lack of validation in the router to ensure that requested files are within the document root, allowing access checks on files outside the intended directory when using PHP’s built-in server...
Path Traversal
getkirby/cms is vulnerable to path traversal. The vulnerability is due to a missing path traversal check on dynamic collection names used in the collection helper or $kirby-collection method, allows attackers to manipulate the collection path to access and execute files outside the intended...
Cross-site Scripting (XSS)
getkirby/cms is vulnerable to Cross-site Scripting XSS. The vulnerability is due to insufficient validation and sanitization of the URL input, allowing attackers to execute arbitrary JavaScript code in the user's context by embedding a malicious javascript: URL in the link target of a link button...
Denial Of Service (DoS)
getkirby/cms is vulnerable to Denial of Service. The vulnerability exists in the validatePassword function in User.php because it does not limit the password length, which can cause CPU and memory resource exhaustion when hashing if the attacker submits a password thats the the max size of a...
Insufficient Session Expiration
getkirby/cms is vulnerable to Insufficient Session Expiration. The vulnerability exists because web sessions are not properly expired which permits an attacker to reuse old session credentials or session IDs for authorization...
Improper Neutralization
getkirby/cms is vulnerable to Improper Neutralization. The vulnerability exists in the decode function at Txt.php due to a field injection bug in the content storage implementation which allows an attacker to inject malicious data or code...
XML External Entity (XXE)
getkirby/cms is vulnerable to XML External Entity XXE. The vulnerability exists due to a lack of data handler validation in the parse function in Xml.php, which allows an attacker to submit a malicious XML file, resulting in an arbitrary file being read on the target system...
Cross-site Scripting (XSS)
getkirby/cms is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the file function at Response.php due to the MIME auto-detection of uploaded files which allows an attacker to upload a file with an arbitrary MIME type and inject arbitrary scripts...
Cross-site Scripting (XSS)
getkirby/cms is vulnerable to Cross-site Scripting XSS. The use of the v-html tag in MultiselectInput.vue allows an attacker to inject and execute malicious javascript through the dynamic options in the multi-select field...
Cross-Site Scripting (XSS)
getkirby/cms is vulnerable to cross-site scripting. An attacker with write access to the Kirby Panel may upload an SVG file that contains malicious...