Security Advisories - flarum/framework - Packagist

flarum/framework Security Advisories for v0.1.0-beta.7.1 (3)

[LOW] Flarum's logout Route allows open redirects

PKSA-8vds-sy58-91p8 CVE-2024-21641 GHSA-733r-8xcp-w9mr

Affected version: <1.8.5

Reported by:
GitHub
[HIGH] Flarum vulnerable to LFI and Blind SSRF via Avatar upload

PKSA-4zyn-nz6f-g7kq CVE-2023-40033 GHSA-67c6-q4j4-hccg

Affected version: <1.8.0

Reported by:
GitHub
[MEDIUM] Flarum Core Leaks PII

PKSA-h3m8-h2km-bggc CVE-2018-19133 GHSA-p6m5-x83r-hqmr

Affected version: <=0.1.0-beta.7.1

Reported by:
GitHub