Bounties
Partners
Community
Info
dotcms / core
Project repository
Headless/Hybrid Content Management System for Enterprises
Submit a report
FIRST INTERACTION
WITHIN
N/A DAYS
REVIEW
WITHIN
18 DAYS
FIX
WITHIN
23 DAYS
Server-Side Request Forgery with Unauthenticated Temporary File Retrieval
Nov 29th 2022
felsec
•
pending
Cross-Site Request Forgery (CSRF)
Dec 16th 2021
dev696
•
pending
Improper Restriction of XML External Entity Reference
Jan 24th 2022
c4v4r0n
•
Medium
•
$20
Medium
•
$20
Improper Privilege Management
Dec 14th 2021
c4v4r0n
•
High
•
$20
High
•
$20
Server-Side Request Forgery (SSRF)
Dec 14th 2021
c4v4r0n
•
Medium
•
$16
Medium
•
$16
Cross-site Scripting (XSS) - Stored
Apr 24th 2021
ranjit-git
•
pending
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
