Latest version: v6.0.0
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2024-25169 | 68492 |
** DISPUTED ** An issue in Mezzanine v6.0.0 allows attackers to bypas… |
|
- | - |
| CVE-2024-25170 | 68491 |
Affected version of Mezzanine allow attackers to bypass access contro… |
|
- | - |
| CVE-2018-16632 | 66996 |
Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/… |
|
MEDIUM | 4.8 |
| PVE-2021-36270 | 36270 |
mezzanine 4.3.0 fixes a potential security vulnerability in which th… |
|
HIDDEN | X.Y |
| PVE-2021-42775 | 42775 |
Mezzanine 1.4.8 fixes an issue where ACCOUNTS_VERIFICATION_REQUIRED c… |
|
HIDDEN | X.Y |
| PVE-2021-42778 | 42778 |
Mezzanine 0.5.2 adds more robust CSRF protection and applies it to fo… |
|
HIDDEN | X.Y |
| PVE-2021-42776 | 42776 |
Mezzanine 0.10.5 fixes Ajax in admin not using CSRF token for forms. … |
|
HIDDEN | X.Y |
| CVE-2020-19002 | 54309 |
Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attacker… |
|
MEDIUM | 6.1 |