[MEDIUM] Ibexa Admin UI vulnerable to Cross-site Scripting in a field that is used in the Content name pattern

PKSA-t2fv-4pjc-5rpc CVE-2024-53864 GHSA-8w3p-gf85-qcch

Affected version: >=4.6.0,<4.6.14

Reported by:
GitHub

[MEDIUM] Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget

PKSA-k3xd-28dp-hq98 CVE-2024-39318 GHSA-qm44-wjm2-pr59

Affected version: >=4.6.0-beta1,<4.6.9

Reported by:
GitHub