599 matches found
CVE-2026-44177
Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly validate the provided user ID, resulting in a path traversal vulnerability. Version 5.3.0 introduced a performance improvement to the Users collection that loaded user object...
CVE-2026-45368
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the underlying URL methods for the KirbyTags and image blocks components did not filter out malicious URL values that resolve to script execution. The vulnerability affects four first-party Kirby renderers th...
CVE-2026-44175
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, Kirby did not securely sanitize the contents of the list field on save, leaving it vulnerable to cross-site scripting XSS. Kirby's list field stores its formatted content as HTML, and unlike other field types...
CVE-2026-44174
Kirby is an open-source content management system. Prior to 4.9.1 and 5.4.1, Kirby did not validate the model attributes that were used in its collection queries, allowing attackers to include arbitrary model methods in their queries. This includes methods with sensitive data such as password...
CVE-2026-44176
Kirby is an open-source content management system. Versions prior to 4.9.1 and 5.4.1 do not check the pages.access permission during page draft rendering. Permissions are defined for each user role in the user blueprint site/blueprints/users/.... It is also possible to customize the permissions f...
CVE-2026-45368
Kirby CMS is affected in versions prior to 4.9.1 and 5.4.1 by an XSS in URL handling for several first‑party renderers that emit : the (link: …) KirbyTag, the link parameter of (image: …), the image block's link field, and the HTML importer for blocks. The underlying issue does not filter dangero...
CVE-2026-45368 Kirby: Cross-site scripting (XSS) from links in KirbyTags and image blocks in the site frontend
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the underlying URL methods for the KirbyTags and image blocks components did not filter out malicious URL values that resolve to script execution. The vulnerability affects four first-party Kirby renderers th...
CVE-2026-45334 Kirby: Content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the content-locking feature returned lock information without checking the requesting user's access permissions. Kirby's Panel includes a content-locking feature that records which user currently has a model...
CVE-2026-45334
Kirby CMS (versions < 4.9.1 and
CVE-2026-45334 Kirby: Content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the content-locking feature returned lock information without checking the requesting user's access permissions. Kirby's Panel includes a content-locking feature that records which user currently has a model...
CVE-2026-44175
Kirby has a stored XSS vulnerability in the list field prior to versions 4.9.1 and 5.4.1 due to server-side sanitization on save not being applied (HTML in list field not escaped without breaking formatting). The content is stored as HTML and could be sent via Kirby’s API bypassing the Panel, the...
CVE-2026-44175 Kirby: Cross-site scripting (XSS) from list field content in the site frontend
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, Kirby did not securely sanitize the contents of the list field on save, leaving it vulnerable to cross-site scripting XSS. Kirby's list field stores its formatted content as HTML, and unlike other field types...
CVE-2026-44175 Kirby: Cross-site scripting (XSS) from list field content in the site frontend
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, Kirby did not securely sanitize the contents of the list field on save, leaving it vulnerable to cross-site scripting XSS. Kirby's list field stores its formatted content as HTML, and unlike other field types...
CVE-2026-44176 Kirby: `pages.access` permission is not checked during rendering of page drafts
Kirby is an open-source content management system. Versions prior to 4.9.1 and 5.4.1 do not check the pages.access permission during page draft rendering. Permissions are defined for each user role in the user blueprint site/blueprints/users/.... It is also possible to customize the permissions f...
CVE-2026-44176
Kirby CMS vulnerability CVE-2026-44176 affects pre-4.9.1 and pre-5.4.1 releases where the path resolver could render page drafts without enforcing pages.access, potentially exposing sensitive draft content to authenticated users who know the full draft path. Root cause: page draft rendering bypas...
CVE-2026-44176 Kirby: `pages.access` permission is not checked during rendering of page drafts
Kirby is an open-source content management system. Versions prior to 4.9.1 and 5.4.1 do not check the pages.access permission during page draft rendering. Permissions are defined for each user role in the user blueprint site/blueprints/users/.... It is also possible to customize the permissions f...
CVE-2026-44177
CVE-2026-44177 affects Kirby CMS (Kirby 5.3.0 up to
CVE-2026-44177 Kirby: Pre-authentication path traversal and PHP file inclusion during user lookup
Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly validate the provided user ID, resulting in a path traversal vulnerability. Version 5.3.0 introduced a performance improvement to the Users collection that loaded user object...
CVE-2026-44177 Kirby: Pre-authentication path traversal and PHP file inclusion during user lookup
Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly validate the provided user ID, resulting in a path traversal vulnerability. Version 5.3.0 introduced a performance improvement to the Users collection that loaded user object...
CVE-2026-44174
Kirby CMS (versions prior to 4.9.1 and 5.4.1) exposes REST API search and collection queries that did not validate model attributes, allowing authenticated users to invoke arbitrary model methods (e.g., password(), root(), loginPasswordless(), delete()) via collection endpoints. This can disclose...