Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Squidex.ioSquidex

3 matches found

CVE
CVEadded 2023/11/07 7:15 p.m.41 views

CVE-2023-46252

Squidex is an open source headless CMS and content management hub. Affected versions are missing origin verification in a postMessage handler which introduces a Cross-Site Scripting (XSS) vulnerability. The editor-sdk.js file defines three different class-like functions, which employ a global messa...

6.8CVSS6AI score0.00267EPSS
CVE
CVEadded 2023/11/07 6:15 p.m.32 views

CVE-2023-46744

Squidex is an open source headless CMS and content management hub. In affected versions a stored Cross-Site Scripting (XSS) vulnerability enables privilege escalation of authenticated users. The SVG element filtering mechanism intended to stop XSS attacks through uploaded SVG images, is insufficien...

5.4CVSS5.4AI score0.00155EPSS
CVE
CVEadded 2023/11/07 7:15 p.m.28 views

CVE-2023-46253

Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution (RCE). Squidex allows users with the squidex.admin.restore per...

9.1CVSS8.7AI score0.06248EPSS