Alfresco » Alfresco : Security Vulnerabilities (Cross Site Scripting (XSS))
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2020-18327 |
79 |
|
XSS |
2022-03-04 |
2022-03-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2 |
|
2 |
CVE-2020-8778 |
79 |
|
XSS |
2020-03-02 |
2022-05-24 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project. |
|
3 |
CVE-2020-8777 |
79 |
|
XSS |
2020-03-02 |
2022-05-24 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document. |
|
4 |
CVE-2020-8776 |
79 |
|
XSS |
2020-03-02 |
2022-05-24 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file. |
|
5 |
CVE-2019-19496 |
79 |
|
XSS |
2019-12-02 |
2019-12-11 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document. |
|
6 |
CVE-2014-2939 |
79 |
|
XSS |
2014-06-02 |
2014-06-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit. |
Total number of vulnerabilities :
6
Page :
1
(This Page)