Shirasagi Security Vulnerabilities and Issues — Shirasagi CVE List

Lucene search

Ss-projShirasagi

4 matches found

CVE•added 2022/12/05 4:15 a.m.•39 views

CVE-2022-43499

Stored cross-site scripting vulnerability in SHIRASAGI versions prior to v1.16.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.

5.4CVSS5.1AI score0.00288EPSS

CVE•added 2023/02/24 6:15 a.m.•33 views

CVE-2023-22425

Stored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script.

5.4CVSS5AI score0.00319EPSS

CVE•added 2023/09/05 10:15 a.m.•27 views

CVE-2023-38569

Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.

5.4CVSS5.1AI score0.00327EPSS

CVE•added 2023/09/15 9:15 p.m.•25 views

CVE-2023-41889

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface a...

5.3CVSS5.3AI score0.00154EPSS