ibexa/fieldtype-richtext Security Advisories for v4.6.1 (4)
-
[MEDIUM] ibexa/fieldtype-richtext has an XSS vulnerability via acronym custom tag in Rich Text
PKSA-v9dn-k1j5-qdf9 GHSA-8c2g-f8jm-5cr7
Affected version: >=4.6.0,<4.6.25|>=5.0.0,<5.0.3
Reported by:
GitHub -
[MEDIUM] Ibexa RichText Field Type XSS vulnerabilities in back office
PKSA-gbfx-zghm-tr4d GHSA-9qv6-4pwm-m68f
Affected version: >=4.6.0-beta1,<4.6.21
Reported by:
GitHub -
[HIGH] ibexa/fieldtype-richtext allows access to external entities in XML
PKSA-ypdh-7wg7-kqn2 GHSA-cj3w-g42v-wcj6
Affected version: >=4.6.0-beta1,<4.6.19
Reported by:
GitHub -
[HIGH] Persistent Cross-site Scripting in Ibexa RichText Field Type
PKSA-8758-229r-dskf CVE-2024-43369 GHSA-hvcf-6324-cjh7
Affected version: >=4.6.0,<4.6.10
Reported by:
GitHub