Wagtail

Latest version: v6.1

Vulnerabilities (12)

CVE/PVE	Vulnerability ID	Advisory	Affected versions	Severity	Severity Score
CVE-2023-45809	61943	Wagtail 4.1.9, 5.0.5 and 5.1.3 include a fix for CVE-2023-45809: A us…	<4.1.9 >=5.1rc1,<5.1.3 >=4.2rc1,<5.0.5	LOW	2.7
CVE-2021-32681	40803	A cross-site scripting vulnerability exists in versions 2.13-2.13.1, …	<2.11.8 >=2.13rc1,<=2.13.1 >=2.12rc1,<=2.12.4	MEDIUM	5.4
CVE-2023-28836	54840	Wagtail 4.1.4 and 4.2.2 include a fix for CVE-2023-28836: Starting in…	>=4.2rc1,<4.2.2 >=1.5rc1,<4.1.4	MEDIUM	5.4
CVE-2023-4863	61487	Wagtail 5.0.4 and 4.1.8 update its requirement 'pillow' spec to '>=6.…	<4.1.8 >=5.0rc1,<5.0.4	HIGH	8.8
CVE-2023-28837	54841	Wagtail 4.1.4 and 4.2.2 include a fix for CVE-2023-28837: Prior to ve…	<4.1.4 >=4.2rc1,<4.2.2	MEDIUM	4.9
CVE-2020-11037	38249	Wagtail 2.7.3 and 2.8.2 include a fix for CVE-2020-1103, avoiding a p…	<2.7.3 >=2.8.0,<2.8.2	MEDIUM	4.7
CVE-2021-29434	40230	Wagtail is a Django content management system. In affected versions o…	>=2.11a1,<2.11.7 >=2.12a1,<2.12.4	MEDIUM	4.8
PVE-2024-64464	64464	The Wagtail 5.2rc1 release addresses a race condition issue that coul…	<5.2rc1	-	-
PVE-2024-64506	64506	The Wagtail 5.2rc1 release includes a fix for a race condition that c…	<5.2rc1	-	-
CVE-2020-15118	38922	Wagtail 2.7.4 includes a fix for CVE-2020-15118 to prevent HTML injec…	<2.7.4	MEDIUM	5.4
CVE-2020-11001	38184	Wagtail 2.7.2 fixes CVE-2020-11001, which allows a XSS attack via pag…	<2.7.2	MEDIUM	6.8
CVE-2022-21683	44608	Wagtail 2.15.2 includes a fix for CVE-2022-21683: When notifications …	>=2.13a0,<2.15.2	MEDIUM	4.3