Known Vulnerabilities for Digital Experience Platform by Ibexa
Listed below are 3 of the newest known vulnerabilities associated with "Digital Experience Platform" by "Ibexa".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-48367 json | An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled. | 9.8 - CRITICAL | 2023-03-12 | 2023-08-08 |
| CVE-2022-48366 json | An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attac... | 3.7 - LOW | 2023-03-12 | 2023-03-16 |
| CVE-2022-48365 json | An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges. | 7.2 - HIGH | 2023-03-12 | 2023-03-16 |
| CVE-2022-38902 json | A Cross-site scripting (XSS) vulnerability in the Blog module - add new topic functionality in Liferay Digital Experience Pla... | 7.2 - HIGH | 2022-10-13 | 2026-07-04 |
| CVE-2022-38901 json | A Cross-site scripting (XSS) vulnerability in the Document and Media module - file upload functionality in Liferay Digital Ex... | 7.2 - HIGH | 2022-10-19 | 2026-07-04 |