Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8778 | 1 Alfresco | 1 Alfresco | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project. | |||||
| CVE-2020-8776 | 1 Alfresco | 1 Alfresco | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file. | |||||
| CVE-2020-8777 | 1 Alfresco | 1 Alfresco | 2022-05-24 | 3.5 LOW | 5.4 MEDIUM |
| Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document. | |||||
| CVE-2019-14223 | 1 Alfresco | 1 Alfresco | 2020-07-23 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any protocol the attacker desires (e.g.,http, https, ftp, smb, etc.). | |||||
| CVE-2019-19496 | 1 Alfresco | 1 Alfresco | 2019-12-11 | 3.5 LOW | 5.4 MEDIUM |
| Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document. | |||||