[フレーム]

Security Advisories

Learn how to report security issues - Read Ibexa's security policy - Check out our security blog posts - Security Reporters Hall of Fame

EZSA-2020-003: XSS in DemoBundle/ezdemo bundled VideoJS

EZSA-2020-002: Unauthorised cache purge with misconfigured Fastly

EZSA-2020-001: Remote code execution in file uploads

EZSA-2019-008: Remote code execution in PHP-FPM

EZSA-2019-007: Prevent accepting app.php in URL in Platform.sh

EZSA-2019-006: Rules to disable executable access are ignored on Platform.sh (eZ Cloud)

EZSA-2019-004: CSRF token in login form is disabled by default

EZSA-2019-005: Bundled jQuery affected by CVE-2019-11358

EZSA-2019-003: XSS in eZFind spellcheck

EZSA-2019-002: Password reset vulnerability

1
2
3
4
5
6