Alfresco » Alfresco » 6.1 community : Security Vulnerabilities, CVEs,

cpe:2.3:a:alfresco:alfresco:6.1:*:*:*:community:*:*:*

CVE-2020-8778

Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
Max CVSS
5.4
EPSS Score
0.27%
Published
2020-03-02
Updated
2022-05-24

CVE-2020-8777

Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
Max CVSS
5.4
EPSS Score
0.27%
Published
2020-03-02
Updated
2022-05-24

CVE-2020-8776

Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
Max CVSS
5.4
EPSS Score
0.27%
Published
2020-03-02
Updated
2022-05-24

CVE-2019-14223

An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any protocol the attacker desires (e.g.,http, https, ftp, smb, etc.).
Max CVSS
6.1
EPSS Score
0.21%
Published
2019-09-06
Updated
2020-07-23
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close