ibexa/admin-ui
Packagist2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting ibexa/admin-uipage 1 of 1
- CVE-2024-39318MEDIUMCVSS 5.4EG 5.4✓ Fixed in 4.6.92024-07-31
vulnerable: v4.6.0 ... v4.6.8 (15 versions)
The Ibexa Admin UI Bundle contains all the necessary parts to run the Ibexa DXP Back Office interface. The file upload widget is vulnerable to XSS payloads in filenames. Access permission to upload files is required. As such, in most cases…
- CVE-2024-53864MEDIUMCVSS 5.3EG 5.3✓ Fixed in 4.6.142024-11-29
vulnerable: v4.6.0 ... v4.6.9 (14 versions)
Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content ed…
Check whether ibexa/admin-ui is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for ibexa/admin-ui CVEs against the assets you own.
Start Free Scan →