pkg:Packagist/opensource-workshop/connect-cms

共 6 筆 CVEHIGH5MEDIUM1

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.8CVE-2026-32276Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin
    from 0, < 1.41.1
  • HIGH8.7CVE-2026-32277Connect-CMS has DOM-based Cross-Site Scripting (XSS) in the Cabinet Plugin List View
    >= 1.35.0, < 1.41.1
  • HIGH8.2CVE-2026-32278Connect CMS has Stored Cross-site Scripting (XSS) in the File Field of its Form Plugin
    from 0, < 1.41.1
  • HIGH8.1CVE-2026-32300Connect CMS: Improper Authorization in the My Page Profile Update Feature Allows Modification of Arbitrary User Information
    from 0, < 1.41.1
  • HIGH7.5CVE-2026-32299Connect CMS: Information Disclosure Due to Improper Authorization through the Page Content Retrieval Feature
    from 0, < 1.41.1
  • MEDIUM6.8CVE-2026-32279Connect CMS has SSRF in the External Page Migration Feature of its Page Management Plugin
    from 0, < 1.41.1