Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.

Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.

Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.

Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository ome