Vulnerability history
1 present
22 patched
Cross Site Scripting (XSS) vulnerability
6.5
4 April, 2025
Authenticated (Author+) Stored CrossSite Scripting via SVG File Upload vulnerability
5.9
12 February, 2025
Authenticated (Contributor+) Arbitrary File Upload via storeUploads vulnerability
9.9
12 February, 2025
CrossSite Request Forgery vulnerability
4.3
8 August, 2024
Authenticated (Contributor+) Arbitrary File Upload vulnerability
9.9
18 July, 2024
