This site has been archived. To learn more about our current products Ibexa Content, Ibexa Experience, Ibexa Commerce head over to the Ibexa Developer Portal

eZ Community » Security Advisories

Security Advisories

NB: These advisories are being moved to https://ezplatform.com/security-advisories
For a while you will find them in both places, but eventually they will be removed from here.

If you come across a security issue in our products, here is how you can report it to us: https://doc.ezplatform.com/en/latest/guide/reporting_issues/

Security Advisories

EZSA-2014-004: Vulnerability with the session cookie

Friday 08 May 2015 04:38

Severity : Medium

EZSA-2014-003: XSS vulnerability in node and class names

Friday 08 May 2015 04:33

Severity : High

EZSA-2014-002: XSS vulnerability in eZ JS Core

Friday 08 May 2015 04:25

Severity : Low

EZSA-2014-001: XSS and approval vulnerabilities

Friday 08 May 2015 04:25

Severity : High

EZSA-2013-020: DOS vulnerability in login forms

Friday 08 May 2015 03:49

Severity : High

EZSA-2013-019: eZ Flow blocks ignore limitations

Friday 08 May 2015 03:35

Severity : Medium

EZSA-2013-018: XSS issues in datatype templates (eZ Demo)

Friday 08 May 2015 03:13

Severity : Medium

EZSA-2013-017: XSS issues in datatype templates (eZ Webin)

Friday 08 May 2015 03:13

Severity : Medium

EZSA-2013-016: XSS issues in datatype templates

Friday 08 May 2015 03:13

Severity : Medium

EZSA-2013-015: SQL injection vulnerability in eZ RSS

Friday 08 May 2015 11:41

Severity : Low

EZSA-2013-011: XSS issues in admin design

Monday 05 August 2013 06:00

Severity : Low

EZSA-2013-009: 404 errors may lead to DDOS attacks

Monday 05 August 2013 05:51

Severity : High

EZSA-2013-006: Xss vulnerability on user/login

Monday 05 August 2013 05:47

Severity : Medium

EZSA-2013-001: XSS attack possible in content/browse

Monday 05 August 2013 05:31

Severity : Medium

36 542 Users on board!

Community Project menu

Proudly Developed with from