Security overview · opensource-workshop/connect-cms · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Arbitrary Code Execution by an Authenticated User in the Code Study Plugin
GHSA-hxqw-6qv7-cqfv published Mar 23, 2026 by gakigaki

High
Server-Side Request Forgery (SSRF) in the External Page Migration Feature of the Page Management Plugin
GHSA-jh46-85jr-6ph9 published Mar 23, 2026 by gakigaki

Moderate
Stored Cross-Site Scripting (XSS) in the File Field of the Form Plugin
GHSA-mv3p-7p89-wq9p published Mar 23, 2026 by gakigaki

High
DOM-based Cross-Site Scripting (XSS) in the Cabinet Plugin List View
GHSA-cmfh-mpmf-fmq4 published Mar 23, 2026 by gakigaki

High
Information Disclosure Due to Improper Authorization in the Page Content Retrieval Feature
GHSA-62ch-j6x7-722j published Mar 23, 2026 by gakigaki

High
Improper Authorization in the My Page Profile Update Feature Allows Modification of Arbitrary User Information
GHSA-qr6x-wvxr-8hm9 published Mar 23, 2026 by gakigaki

High
Access control vulnerability
GHSA-5rjc-jc28-cwgg published Feb 7, 2025 by akagane99

Moderate
[サイト内検索] 閲覧を限定している情報が見えてしまう
GHSA-2237-5r9w-vm8j published Feb 7, 2025 by akagane99

Critical
Privileges Escalation Vulnerability
GHSA-qxh3-jgvh-x55j published Jul 3, 2023 by akagane99

Moderate

Learn more about advisories related to opensource-workshop/connect-cms in the GitHub Advisory Database