Security Advisories - webreinvent/vaahcms - Packagist

webreinvent/vaahcms Security Advisories for 2.2.9 (1)

[MEDIUM] VaahCMS is vulnerable to XSS through its Avatar Upload endpoint

PKSA-1567-r2np-36n6 CVE-2025-61183 GHSA-q769-phqg-263r

Affected version: <=2.3.1

Reported by:
GitHub