Learn how to report security issues - Read Ibexa's security policy - Check out our security blog posts - Security Reporters Hall of Fame
IBEXA-SA-2025-001: Vulnerabilities in shopping cart and publish unscheduling
IBEXA-SA-2024-005: Persistent XSS in RichText
IBEXA-SA-2024-004: DOM-based XSS in file upload
IBEXA-SA-2024-003: Vulnerability in image-optimizer dependency
IBEXA-SA-2024-002: File validation and workflow stages
IBEXA-SA-2024-001: Taxonomy Tree Controller fails to check permissions
IBEXA-SA-2023-006: Vulnerabilities in Symfony 5.4
IBEXA-SA-2023-005: Vulnerabilities in Solr search and file downloads
IBEXA-SA-2023-004: Unauthenticated deletion in recommendation engine
