juzaweb/cms Security Advisories for v1.2.4 (5)
- 
                        [LOW] JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page componentPKSA-wps7-nkwz-6pwr CVE-2025-6735 GHSA-rq7x-cfmc-rq3w Affected version: <=3.4.2 Reported by: 
 GitHub
- 
                        [LOW] JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain componentsPKSA-byjd-fygk-s2j7 CVE-2025-6736 GHSA-mrph-pjv2-34f4 Affected version: <=3.4.2 Reported by: 
 GitHub
- 
                        [MEDIUM] juzaweb CMS allows cross-site scripting by uploading an SVG filePKSA-wym3-mj3y-byq2 CVE-2025-5420 GHSA-49rr-34j5-r8mw Affected version: <=3.4.2 Reported by: 
 GitHub
- 
                        [MEDIUM] juzawebCMS Incorrect Access Control vulnerabilityPKSA-2cgx-y9dm-ckkj CVE-2023-46906 GHSA-93p6-9cxv-5rpq Affected version: <=3.4 Reported by: 
 GitHub
- 
                        [HIGH] juzawebCMS Injection vulnerabilityPKSA-6139-g68w-c4v4 CVE-2023-46468 GHSA-h92m-4g9m-72vr Affected version: <=3.4 Reported by: 
 GitHub