Knowledgetree Document Management » Knowledgetree Document Management » 3.3.1 : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281.
Max CVSS
4.3
EPSS Score
0.22%
Published
2009-01-06
Updated
2017-08-08
The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
Max CVSS
6.5
EPSS Score
0.35%
Published
2009-01-06
Updated
2017-08-08
2 vulnerabilities found