Package impact
Packagist / tpwd/ke_search
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46722 | unknown | — | — | 11d ago | The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP req… | |||
| CVE-2026-46723 | unknown | — | — | 11d ago | The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data … | |||
| CVE-2026-46724 | unknown | — | — | 11d ago | The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system… | |||
| CVE-2023-35783 | unknown | — | — | 3y ago | ke_search (aka Faceted Search) vulnerable to Cross-Site Scripting | |||
| CVE-2020-15517 | unknown | — | — | 4y ago | ke_search for Typo3 XSS Vulnerability |