Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, read access to site, user and role information is not gated by permissions. This issue has been patched in versions 4.9.0 and 5.4.0.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XGetkirby Kirby
APPGetkirby< 4.9.05.0.0 – 5.4.0 (bez)
Related vulnerabilities
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, `pages.access/list` and ...
Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed...
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, Kirby's user permissions...
Kirby is a CMS targeting designers and editors. Kirby allows to restrict the permissions of specific user role...
An arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 allows attackers to exe...