Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Omeka Subscribe
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4561 1 Omeka 1 Omeka S 2024-11-21 N/A 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.
CVE-2023-4560 1 Omeka 1 Omeka S 2024-11-21 N/A 6.5 MEDIUM
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.
CVE-2023-4159 1 Omeka 1 Omeka S 2024-11-21 N/A 8.8 HIGH
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4158 1 Omeka 1 Omeka S 2024-11-21 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4157 1 Omeka 1 Omeka S 2024-11-21 N/A 5.2 MEDIUM
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.
CVE-2023-3982 1 Omeka 1 Omeka 2024-11-21 N/A 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.
CVE-2023-3981 1 Omeka 1 Omeka 2024-11-21 N/A 4.9 MEDIUM
Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2.
CVE-2023-3980 1 Omeka 1 Omeka 2024-11-21 N/A 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.
CVE-2021-26799 1 Omeka 1 Omeka 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML.
CVE-2018-13423 1 Omeka 1 Omeka 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag.
CVE-2014-5100 1 Omeka 1 Omeka 2024-11-21 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_label parameter to admin/users/api-keys/1, or (3) disable file validation via a request to admin/settings/edit-security.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024