[MEDIUM] Sulu checks fix permissions for subentities endpoints

PKSA-s8fv-tzzv-5y3k CVE-2026-34372 GHSA-6h7h-m7p5-hjqp

Affected version: >=3.0.0,<3.0.5|>=1.0.0,<2.6.22

Reported by:
GitHub

[MEDIUM] Sulu vulnerable to XXE in SVG File upload Inspector

PKSA-tptv-6vj5-qz52 CVE-2025-47778 GHSA-f6rx-hf55-4255

Affected version: >=3.0.0-alpha1,<3.0.0-alpha3|>=2.6.5,<2.6.9|>=2.5.21,<2.5.25

Reported by:
GitHub