wintercms/winter Security Advisories for v1.2.2 (2)
-
[HIGH] Winter CMS Server-Side Template Injection (SSTI) vulnerability
PKSA-8f2z-f7m8-2xxr CVE-2024-29686 GHSA-8r5j-gm3j-cx9c
Affected version: <=1.2.3
Reported by:
GitHub -
[LOW] Winter CMS stored XSS through privileged upload of SVG file
PKSA-ysj2-6nmd-36qh CVE-2023-37269 GHSA-wjw2-4j7j-6gc3
Affected version: <1.2.3
Reported by:
GitHub