juzaweb/cms Security Advisories for v3.1.2 (5)
-
[LOW] JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component
PKSA-wps7-nkwz-6pwr CVE-2025-6735 GHSA-rq7x-cfmc-rq3w
Affected version: <=3.4.2
Reported by:
GitHub -
[LOW] JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components
PKSA-byjd-fygk-s2j7 CVE-2025-6736 GHSA-mrph-pjv2-34f4
Affected version: <=3.4.2
Reported by:
GitHub -
[MEDIUM] juzaweb CMS allows cross-site scripting by uploading an SVG file
PKSA-wym3-mj3y-byq2 CVE-2025-5420 GHSA-49rr-34j5-r8mw
Affected version: <=3.4.2
Reported by:
GitHub -
[MEDIUM] juzawebCMS Incorrect Access Control vulnerability
PKSA-2cgx-y9dm-ckkj CVE-2023-46906 GHSA-93p6-9cxv-5rpq
Affected version: <=3.4
Reported by:
GitHub -
[HIGH] juzawebCMS Injection vulnerability
PKSA-6139-g68w-c4v4 CVE-2023-46468 GHSA-h92m-4g9m-72vr
Affected version: <=3.4
Reported by:
GitHub