An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system.
Max CVSS
5.4
EPSS Score
0.06%
Published
2023-02-07
Updated
2023-03-16
An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled.
Max CVSS
6.1
EPSS Score
0.13%
Published
2018-09-03
Updated
2018-10-30
An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label.
Max CVSS
6.1
EPSS Score
0.13%
Published
2018-09-03
Updated
2018-10-30
An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS.
Max CVSS
6.1
EPSS Score
0.13%
Published
2018-09-03
Updated
2018-10-30
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form.
Max CVSS
3.5
EPSS Score
0.36%
Published
2014-05-27
Updated
2014-06-18
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!