[HIGH] ezsystems/ezplatform-richtext allows access to external entities in XML

PKSA-w1xb-npn9-4xm1 GHSA-2jqj-5qv2-xvcg

Affected version: >=2.3.0-beta1,<2.3.26

Reported by:
GitHub

[HIGH] Persistent Cross-site Scripting in eZ Platform Rich Text Field Type

PKSA-k2jf-2c1m-r664 CVE-2024-43372 GHSA-rhm7-7469-rcpw

Affected version: >=3.3.0,<3.3.40

Reported by:
GitHub

[MEDIUM] XSS in richtext custom tag attributes in ezsystems/ezplatform-richtext

PKSA-4v1s-xft2-c6sn GHSA-fxwm-rx68-p5vx

Affected version: >=2.3.0,<2.3.7.1

Reported by:
GitHub