Authenticated (Author+) Stored CrossSite Scripting via SVG File Upload vulnerability
24 April, 2025
Open Redirection vulnerability
27 March, 2025
Authenticated (Administrator+) ServerSide Request Forgery vulnerability
27 January, 2025
Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure vulnerability
24 December, 2024
Authenticated (Administrator+) Improper Input Validation to Arbitrary File Read vulnerability
10 October, 2024