Known Vulnerabilities for Magnolia Cms by Magnolia-cms
Listed below are 10 of the newest known vulnerabilities associated with "Magnolia Cms" by "Magnolia-cms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-33098 json | Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Contact function. This... | 6.1 - MEDIUM | 2022-07-07 | 2022-07-15 |
| CVE-2021-46366 json | An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability a... | 8.8 - HIGH | 2022-02-11 | 2022-07-12 |
| CVE-2021-46365 json | An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute XML External Entity attacks via a cr... | 7.8 - HIGH | 2022-02-11 | 2022-04-19 |
| CVE-2021-46364 json | A vulnerability in the Snake YAML parser of Magnolia CMS v6.2.3 and below allows attackers to execute arbitrary code via a cr... | 7.8 - HIGH | 2022-02-11 | 2022-03-29 |
| CVE-2021-46363 json | An issue in the Export function of Magnolia v6.2.3 and below allows attackers to perform Formula Injection attacks via crafte... | 7.8 - HIGH | 2022-02-11 | 2022-06-05 |
| CVE-2021-46362 json | A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and... | 9.8 - CRITICAL | 2022-02-11 | 2023-08-08 |
| CVE-2021-46361 json | An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execut... | 9.8 - CRITICAL | 2022-02-11 | 2022-02-22 |
| CVE-2021-25894 json | Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the /magnoliaPublic/travel/mem... | 6.1 - MEDIUM | 2021-04-02 | 2021-04-15 |
| CVE-2021-25893 json | Magnolia CMS from 6.1.3 to 6.2.3 contains a stored cross-site scripting (XSS) vulnerability in the setText parameter of /magn... | 5.4 - MEDIUM | 2021-04-02 | 2021-04-15 |
| CVE-2013-4759 json | Not Provided | 2013-08-09 | 2026-04-29 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Magnolia-cms | Magnolia Cms | 5.0.1 | |||
| Application | Magnolia-cms | Magnolia Cms | 5.0 | |||
| Application | Magnolia-cms | Magnolia Cms | 4.5.9 | |||
| Application | Magnolia-cms | Magnolia Cms | 4.5.8 | |||
| Application | Magnolia-cms | Magnolia Cms | 4.5.7 |