4 matches found
CVE-2023-0643
Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0.
CVE-2023-24278
Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability.
CVE-2023-0642
Cross-Site Request Forgery (CSRF) in GitHub repository squidex/squidex prior to 7.4.0.
CVE-2023-46252
Squidex is an open source headless CMS and content management hub. Affected versions are missing origin verification in a postMessage handler which introduces a Cross-Site Scripting (XSS) vulnerability. The editor-sdk.js file defines three different class-like functions, which employ a global messa...