JupiterX Core

Cross Site Scripting (XSS) Vulnerability <= 4.8.11

Unauthenticated PHP Object Injection via PHAR vulnerability <= 4.8.11

Authenticated (Contributor+) SVG Upload to Local File Inclusion (Remote Code Execution) vulnerability <= 4.8.7

Authenticated (Contributor+) Arbitrary File Read vulnerability <= 4.8.7

Missing Authorization to Unauthenticated Popup Template Export vulnerability <= 4.8.5