pkg:Packagist/sulu/sulu

所有已知漏洞

• HIGH8.5CVE-2021-43836PHP file inclusion in the Sulu admin panel
  from 0, < 1.6.44
• HIGH7.2CVE-2021-43835Privilege escalation in the Sulu Admin panel
  >= 2.0.0, < 2.2.18
• MEDIUM6.8CVE-2024-27915Sulu grants access to pages regardless of role permissions
  >= 2.2.0, < 2.4.17
• MEDIUM6.2CVE-2021-41169Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu
  from 0, < 1.6.43
• MEDIUM6.1CVE-2024-47617Injection of arbitrary HTML/JavaScript code through the media download URL
  >= 2.6.0, < 2.6.5
• MEDIUM6.1CVE-2024-47618Cross-site Scripting via uploaded SVG
  >= 2.0.0-RC1, < 2.5.21
• MEDIUM5.3CVE-2020-15132Reset Password / Login vulnerability in Sulu
  from 0, < 1.6.34
• MEDIUM4.8CVE-2021-32737XSS Injection in Media Collection Title was possible
  from 0, < 1.6.41
• MEDIUM4.3CVE-2023-39343Sulu Observable Response Discrepancy on Admin Login
  >= 2.5.0, < 2.5.10
• —CVE-2026-45701Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens
  >= 3.0.0-alpha1, < 3.0.6
• —CVE-2026-34372Sulu checks fix permissions for subentities endpoints
  >= 1.0.0, < 2.6.22
• —CVE-2025-47778Sulu vulnerable to XXE in SVG File upload Inspector
  >= 2.5.21, < 2.5.25
• —CVE-2024-24807Sulu HTML Injection via Autocomplete Suggestion
  >= 2.0.0, < 2.4.16