CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Sylius Subscriptions

Filtered by product Sylius Subscriptions

Total 21 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-3841	1 Sylius	1 Sylius	2024-11-21	5.4 Medium
sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user's browser.

« first previous Page 2 of 2.