Shirasagi Security Vulnerabilities and Issues — Shirasagi CVE List

Lucene search

Ss-projShirasagi

4 matches found

CVE•added 2023/09/05 10:15 a.m.•30 views

CVE-2023-36492

Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.

6.1CVSS6.1AI score0.00675EPSS

CVE•added 2023/09/05 10:15 a.m.•28 views

CVE-2023-38569

Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.

5.4CVSS5.1AI score0.00327EPSS

CVE•added 2023/09/15 9:15 p.m.•27 views

CVE-2023-41889

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface a...

5.3CVSS5.3AI score0.00154EPSS

CVE•added 2023/09/05 9:15 a.m.•25 views

CVE-2023-39448

Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution.

8.8CVSS8.6AI score0.04727EPSS