Ez Publish Security Vulnerabilities and Issues — Ez Publish CVE List

Lucene search

EzEz Publish

3 matches found

CVE•added 2018/01/02 8:29 p.m.•47 views

CVE-2017-1000431

eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials.

6.1CVSS6.1AI score0.00292EPSS

CVE•added 2003/06/16 4:0 a.m.•46 views

CVE-2003-0310

Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.

6.8CVSS5.9AI score0.00367EPSS

CVE•added 2012/07/25 7:55 p.m.•33 views

CVE-2012-4053

Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 through 4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8CVSS7.3AI score0.00142EPSS