Kirby@* Security Vulnerabilities and Issues — Kirby@* CVE List

Lucene search

GetkirbyKirby*

4 matches found

CVE•added 2024/02/22 5:15 a.m.•4173 views

CVE-2024-26481

Kirby CMS v4.1.0 was discovered to contain a reflected self-XSS vulnerability via the URL parameter.

4.7CVSS7.1AI score0.00098EPSS

CVE•added 2024/02/22 5:15 a.m.•3501 views

CVE-2024-26483

An arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 allows attackers to execute arbitrary code via a crafted PDF file.

8.8CVSS7.5AI score0.00206EPSS

CVE•added 2024/02/26 5:15 p.m.•102 views

CVE-2024-27087

Kirby is a content management system. The new link field introduced in Kirby 4 allows several different link types that each validate the entered link to the relevant URL format. It also includes a "Custom" link type for advanced use cases that don't fit any of the pre-defined link formats. As the ...

5.4CVSS5.1AI score0.00781EPSS

CVE•added 2024/08/29 5:15 p.m.•49 views

CVE-2024-41964

Kirby is a CMS targeting designers and editors. Kirby allows to restrict the permissions of specific user roles. Users of that role can only perform permitted actions. Permissions for creating and deleting languages have already existed and could be configured, but were not enforced by Kirby's fron...

8.1CVSS8AI score0.00238EPSS