7 matches found

CVE, added 2023/12/28 10:15 p.m., 105 views

CVE-2023-52084

Winter CMS Stored XSS (CVE-2023-52084): The vulnerability is in Winter CMS prior to 1.2.4, where a value entered in backend forms using the ColorPicker FormWidget could be rendered unescaped, enabling stored XSS. Affected: versions before 1.2.4; root cause: unescaped rendering of input in backend...

CVSS 5.4, AI score 4.3, EPSS 0.00309

CVE, added 2023/12/29 12:00 a.m., 69 views

CVE-2023-52085

Winter CMS before 1.2.4 is vulnerable to Local File Inclusion through the ColorPicker FormWidget when backend forms pass values to LESS compilation. The root cause is unprocessed user input being included in generated stylesheets, enabling potential local file exposure. Affected component: ColorP...

CVSS 5.4, AI score 4.5, EPSS 0.30166

CVE, added 2024/12/09 8:54 p.m., 62 views

CVE-2024-54149

Winter CMS has a sandbox bypass in Twig templates that affects versions prior to 1.2.7, 1.1.11, and 1.0.476. If an attacker has backend access with cms.manage_layouts, cms.manage_pages, or cms.manage_partials, they can modify or delete theme resources and potentially manipulate model data passed ...

CVSS 8.4, AI score 8.8, EPSS 0.00397

CVE, added 2023/07/07 9:19 p.m., 59 views

CVE-2023-37269

Winter CMS is vulnerable to a stored XSS due to unsanitized SVG uploads in the branding logo function prior to v1.2.3. The issue requires an attacker with backend.manage_branding permission (or higher) and user interaction by visiting the URL of the malicious SVG; exploitation is further constrai...

CVSS 4.8, AI score 4.4, EPSS 0.01637

Web, CVE, added 2023/12/28 10:11 p.m., 50 views

CVE-2023-52083

CVE-2023-52083 affects Winter CMS. Before 1.2.4, users with the media.manage_media permission could upload files to the Media Manager and rename them after upload, with sanitization only on upload (not on rename), allowing a stored XSS vulnerability. The issue has been patched in v1.2.4.

CVSS 4.8, AI score 4.1, EPSS 0.00311

CVE, added 2026/03/11 9:25 p.m., 16 views

CVE-2026-27591

CVE-2026-27591 pertains to Winter CMS (Laravel-based). The issue allows authenticated backend users to escalate their own access by mutating roles/permissions via specially crafted backend requests while logged in. Root cause is an authorization weakness in the backend account management flow. Im...

CVSS 9.9, AI score 5.8, EPSS 0.00486

CVE, added 2026/02/06 7:11 p.m., 11 views

CVE-2026-22254

CVE-2026-22254 affects Winter CMS prior to 1.2.10, where the Asset Manager allowed uploading SVGs without automatic sanitization if a user had cms.manage_assets. This could enable stored XSS in affected deployments, though the attacker must have backend access with that permission. The issue is fi...

CVSS 3.5, AI score 5.6, EPSS 0.00251