Known Vulnerabilities for Symphony by Getsymphony
Listed below are 10 of the newest known vulnerabilities associated with "Symphony" by "Getsymphony".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-3756 json | A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed ... | Not Provided | 2026-04-13 | 2026-04-13 |
| CVE-2020-25912 json | A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 whic... | 9.1 - CRITICAL | 2021-10-31 | 2021-11-02 |
| CVE-2020-25343 json | Cross-site scripting (XSS) vulnerabilities in Symphony CMS 3.0.0 allow remote attackers to inject arbitrary web script or HTM... | 5.4 - MEDIUM | 2020-10-07 | 2020-10-14 |
| CVE-2020-15071 json | content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS via fields['name'] to appendSubheading. | 6.1 - MEDIUM | 2020-08-11 | 2020-08-25 |
| CVE-2018-12043 json | content/content.blueprintspages.php in Symphony 2.7.6 has XSS via the pages content page. | 6.1 - MEDIUM | 2018-06-07 | 2018-07-12 |
| CVE-2017-8876 json | Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php. | 6.1 - MEDIUM | 2017-05-10 | 2020-08-25 |
| CVE-2017-7694 json | Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allo... | 8.8 - HIGH | 2017-04-11 | 2020-08-25 |
| CVE-2017-6067 json | Symphony 2.6.9 has XSS in publish/notes/edit/##/saved/ via the bottom form field. | 6.1 - MEDIUM | 2017-03-27 | 2020-08-25 |
| CVE-2017-5542 json | Cross-site scripting (XSS) vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows rem... | 6.1 - MEDIUM | 2017-01-20 | 2020-08-25 |
| CVE-2017-5541 json | Directory traversal vulnerability in template/usererror.missing_extension.php in Symphony CMS before 2.6.10 allows remote att... | 5.3 - MEDIUM | 2017-01-20 | 2020-08-25 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Getsymphony | Symphony | 3.0.0 | |||
| Application | Getsymphony | Symphony | 2.7.9 | |||
| Application | Getsymphony | Symphony | 2.7.8 | |||
| Application | Getsymphony | Symphony | 2.7.7 | |||
| Application | Getsymphony | Symphony | 2.7.6 | |||
| Application | Getsymphony | Symphony | 2.7.5 | |||
| Application | Getsymphony | Symphony | 2.7.4 | |||
| Application | Getsymphony | Symphony | 2.7.3 | |||
| Application | Getsymphony | Symphony | 2.7.2 | |||
| Application | Getsymphony | Symphony | 2.7.10 | |||
| Application | Getsymphony | Symphony | 2.7.1 | |||
| Application | Getsymphony | Symphony | 2.7.0 | |||
| Application | Getsymphony | Symphony | 2.6.9 | |||
| Application | Getsymphony | Symphony | 2.6.8 | |||
| Application | Getsymphony | Symphony | 2.6.7 | |||
| Application | Getsymphony | Symphony | 2.6.6 | |||
| Application | Getsymphony | Symphony | 2.6.5 | |||
| Application | Getsymphony | Symphony | 2.6.4 | |||
| Application | Getsymphony | Symphony | 2.6.3 | |||
| Application | Getsymphony | Symphony | 2.6.2 |