omeka CVE 脆弱性と CVE 一覧(11)

製品(CPE): — CVE 件数: 11

omeka 脆弱性概要

omeka 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主に vendor risk cross-site scripting and vendor risk csrf などに関し、一部は vendor impact session compromise を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 111 / 11 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-4561 Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4. [email protected] 4.8 0.45% 2023-08-28 2024-11-21
CVE-2023-4560 Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4. [email protected] 6.5 0.59% 2023-08-28 2024-11-21
CVE-2023-4159 Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3. [email protected] 8.8 0.83% 2023-08-04 2024-11-21
CVE-2023-4158 Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3. [email protected] 5.4 0.40% 2023-08-04 2024-11-21
CVE-2023-4157 CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3. [email protected] 5.2 0.45% 2023-08-04 2024-11-21
CVE-2023-3982 Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2. [email protected] 4.8 0.40% 2023-07-27 2024-11-21
CVE-2023-3981 Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2. [email protected] 4.9 0.56% 2023-07-27 2024-11-21
CVE-2023-3980 Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2. [email protected] 4.8 0.40% 2023-07-27 2024-11-21
CVE-2021-26799 Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML. [email protected] 6.1 1.04% 2021-07-23 2024-11-21
CVE-2018-13423 admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag. [email protected] 6.1 0.89% 2018-07-07 2024-11-21
CVE-2014-5100 Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_label parameter to admin/users/api-keys/1, or (3) disable file validation via a request to admin/settings/edit-security. [email protected] 6.8 2.47% 2014-07-25 2026-05-06
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence