Browse all 7 CVE security advisories affecting medialize. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Medialize is an open-source PHP library primarily used for URL manipulation and HTTP request handling in web applications. Historically, it has been susceptible to multiple remote code execution vulnerabilities, often stemming from unsafe deserialization and improper input validation. Cross-site scripting (XSS) and privilege escalation flaws have also been commonly recorded, with several CVEs documenting these weaknesses. The library's security posture has been inconsistent, with multiple critical vulnerabilities discovered over time, including some that allow attackers to execute arbitrary code or bypass security controls. While no major public incidents have been widely reported, the significant number of CVEs indicates potential risks for implementations lacking proper input sanitization and secure configuration practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-24723 | Improper Input Validation in URI.js — URI.js (CWE-20) | 5.3 | Medium | 2022-03-03 |
| CVE-2020-26291 | Hostname spoofing in URI.js — URI.js (CWE-20) | 6.5 | Medium | 2020-12-30 |

This page lists every published CVE security advisory associated with medialize. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.