Security Advisories - tribalsystems/zenario

tribalsystems/zenario Security Advisories for 9.1.57473 (13)

[LOW] Zenario Cross Site Scripting in the Image library

PKSA-626r-ptwv-5msz CVE-2024-45964 GHSA-2cc5-429x-p387

Affected version: <=9.7.61188

Reported by:
GitHub
[LOW] Zenario allows authenticated admin users to upload PDF files containing malicious code

PKSA-jm4c-kd3j-5hgr CVE-2024-45960 GHSA-3636-hx62-pv26

Affected version: <=9.7.61188

Reported by:
GitHub
[MEDIUM] Zenario uses Twig filters insecurely in the Twig Snippet plugin

PKSA-2vff-jckp-41b9 CVE-2024-34461 GHSA-hr2r-w6wc-25pv

Affected version: <9.5.60437

Reported by:
GitHub
[MEDIUM] Zenario's Tree Explorer tool from Organizer affected by Cross-site Scripting

PKSA-7y52-wyc4-jh5d CVE-2024-34460 GHSA-7qwj-gcjf-828f

Affected version: <9.5.60602

Reported by:
GitHub
[MEDIUM] Zenario CMS Cross-site Scripting vulnerability

PKSA-sgtd-47vh-v7xk CVE-2023-44769 GHSA-8g87-73vq-443p

Affected version: <=9.4.59197

Reported by:
GitHub
[MEDIUM] Zenario CMS Cross-site Scripting vulnerability

PKSA-wj4z-2892-4z7j CVE-2023-44771 GHSA-6cxv-27r2-fp3m

Affected version: <=9.4.59197

Reported by:
GitHub
[MEDIUM] Zenario CMS Cross-site Scripting vulnerability

PKSA-1xsc-5sr6-rvqw CVE-2023-44770 GHSA-mr4w-7vm9-cgqx

Affected version: <=9.4.59197

Reported by:
GitHub
[MEDIUM] Tribal Systems Zenario CMS vulnerable to Session Fixation

PKSA-kr7w-3swh-1np4 CVE-2022-4231 GHSA-6657-9743-4mc6

Affected version: <=9.3.57595

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in Zenario

PKSA-m58d-b4jx-rskk CVE-2022-44070 GHSA-f454-jm6x-56q6

Affected version: <=9.3.57186

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in Zenario

PKSA-skk6-b7wm-3vk6 CVE-2022-44073 GHSA-gmf5-q34v-vwvp

Affected version: <=9.3.57186

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in Zenario

PKSA-ksv4-pxr6-sf1s CVE-2022-44071 GHSA-j43m-4pxc-hmqj

Affected version: <=9.3.57186

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in Zenario

PKSA-5bxv-x652-p1vq CVE-2022-44069 GHSA-r9xx-4cmv-856x

Affected version: <=9.3.57186

Reported by:
GitHub
[HIGH] File upload restriction bypass in Zenario CMS

PKSA-b6mz-47rp-w3c4 CVE-2022-23043 GHSA-6r86-2jm9-9mh4

Affected version: <9.2.55826

Reported by:
GitHub

tribalsystems/zenario Security Advisories for 9.1.57473 (13)

[LOW] Zenario Cross Site Scripting in the Image library

[LOW] Zenario allows authenticated admin users to upload PDF files containing malicious code

[MEDIUM] Zenario uses Twig filters insecurely in the Twig Snippet plugin

[MEDIUM] Zenario's Tree Explorer tool from Organizer affected by Cross-site Scripting

[MEDIUM] Zenario CMS Cross-site Scripting vulnerability

[MEDIUM] Zenario CMS Cross-site Scripting vulnerability

[MEDIUM] Zenario CMS Cross-site Scripting vulnerability

[MEDIUM] Tribal Systems Zenario CMS vulnerable to Session Fixation

[MEDIUM] Cross-site Scripting in Zenario

[MEDIUM] Cross-site Scripting in Zenario

[MEDIUM] Cross-site Scripting in Zenario

[MEDIUM] Cross-site Scripting in Zenario

[HIGH] File upload restriction bypass in Zenario CMS