Yann Michard

#22237of 53,632
10.1Total CVSS
Vulnerabilities · 2
Low
1
High
1
PT-2012-3347
7.5
2012-10-06
Ez Systems · Ez Publish · CVE-2012-1565
**Name of the Vulnerable Software and Affected Versions** ez Publish versions 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 **Description** The issue is related to an insecure direct object reference, but the specific details about the impact and attack vectors are not provided. **Recommendations** For ez Publish versions 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2012-3369
2.6
2012-08-17
Ez Systems · Ez Js Core · CVE-2012-1597
**Name of the Vulnerable Software and Affected Versions** eZ Publish versions prior to 1.5 **Description** A cross-site scripting (XSS) issue exists due to a vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core. This allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For versions prior to 1.5, update to version 1.5 or later to resolve the issue.