Voyager
Monthly
DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.7%.
DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.6%.
DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.7%.
DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.6%.