Search for packages
| purl | pkg:composer/oro/platform@3.1.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-j1uw-vqqx-uuh2
Aliases: GHSA-rrgw-3hg3-9x8c GMS-2022-24 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in oro/platform. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mp7m-9665-uqb6
Aliases: CVE-2021-41236 GHSA-qv7g-j98v-8pp7 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') OroPlatform is a PHP Business Application Platform.An attacker must have permission to create or edit an email template. For successful payload, execution the attacked user must preview a vulnerable email template. There are no workarounds that address this vulnerability. Users are advised to upgrade as soon as is possible. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:40:56.831381+00:00 | GitLab Importer | Affected by | VCID-j1uw-vqqx-uuh2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/oro/platform/GMS-2022-24.yml | 38.6.0 |
| 2026-06-02T04:40:49.013915+00:00 | GitLab Importer | Affected by | VCID-mp7m-9665-uqb6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/oro/platform/CVE-2021-41236.yml | 38.6.0 |