Vulnerability Database

ezsystems / ezpublish-kernel

• You can search for specific versions with https://synscan.net/product/ezpublish--kernel/1.2.3

Title	Severity	Exploit	Date	Affected Version
Login timing attack in ezsystems/ezpublish-kernel	Critical		Jun 2, 2022	>= 7.5.0 < 7.5.29
Object state limitation has no effect	Critical		Apr 29, 2022	>= 7.5.0 < 7.5.28
CVE-2022-25337	Critical		Feb 18, 2022	>= 7.5.0 < 7.5.26
IBX-1392: Image filenames sanitization	High		Jan 21, 2022	>= 7.5.0 < 7.5.26
Cross-site scripting in eZ Platform Kernel	High		Mar 19, 2021	< 6.13.8.2 >= 7.0.0 < 7.5.15.2
/user/sessions endpoint allows detecting valid accounts	High		Mar 11, 2021	>= 6.13.0 < 6.13.8.1 >= 7.5.0 < 7.5.15.1