Mezzanine Security Vulnerabilities and Issues — Mezzanine CVE List

Lucene search

JupoMezzanine

5 matches found

CVE•added 2024/02/28 8:15 p.m.•5694 views

CVE-2024-25170

An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header.

9.1CVSS6.7AI score0.01371EPSS

CVE•added 2024/02/28 8:15 p.m.•115 views

CVE-2024-25169

An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request.

9.8CVSS6.5AI score0.00804EPSS

CVE•added 2025/05/05 7:15 p.m.•44 views

CVE-2025-29573

Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module.

6.1CVSS5.6AI score0.00051EPSS

CVE•added 2018/12/28 5:29 p.m.•43 views

CVE-2018-16632

Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/.

4.8CVSS5.2AI score0.00235EPSS

CVE•added 2021/08/27 7:15 p.m.•40 views

CVE-2020-19002

Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than CVE-2018-16632.

6.1CVSS5.6AI score0.00427EPSS