Authenticated(Contributor+) Stored CrossSite Scripting via `mftemplate` DOM Element vulnerability
29 July, 2025
Server Side Request Forgery (SSRF) vulnerability
27 March, 2025
Unauthenticated DoubleExtension Arbitrary File Upload vulnerability
19 August, 2024
Unauthenticated Sensitive Information Exposure vulnerability
11 June, 2024
Broken Access Control vulnerability
25 April, 2024