ibexa/admin-ui Security Advisories for v4.2.1 (2)
-
[CRITICAL] Ibexa DXP users with the Company admin role can assign any role to any user
PKSA-thcc-msg1-sncj GHSA-g6jc-xrc3-4wwq
Affected version: >=4.2.0,<4.2.3
Reported by:
GitHub -
[CRITICAL] ibexa/admin-ui vulnerable to Cross-site Scripting in content type name/shortname
PKSA-j8qt-2p1x-j567 GHSA-7644-cxp8-h23r
Affected version: >=4.2.0,<4.2.3
Reported by:
GitHub