getformwork/formwork Security Advisories for 2.0.0-beta.1 (3)
-
[MEDIUM] Formwork CMS has Stored Cross-Site Scripting Vulnerebility in Blog Tags
PKSA-rmpr-1pwg-drvq CVE-2025-65956 GHSA-7j46-f57w-76pj
Affected version: <2.2.0
Reported by:
GitHub -
[HIGH] Formwork improperly validates input of User role preventing site and panel availability
PKSA-f12j-yzp4-332f GHSA-c85w-x26q-ch87
Affected version: >=2.0.0-beta.1,<2.0.0-beta.4
Reported by:
GitHub -
[MEDIUM] Cross-site scripting (XSS) vulnerability in Description metadata
PKSA-mh52-mt19-xnym CVE-2024-37160 GHSA-5pxr-7m4j-jjc6
Affected version: =2.0.0-beta.1|<1.13.1
Reported by:
GitHub