SeedDMS is a free document management system with an easy-to-use web-based user interface.A cross-site scripting vulnerability exists in the AddEvent.php component of SeedDMS version 6.0.7. An attacker could exploit the vulnerability to inject malicious scripting code via the name and comment parameters.
CPE | Name | Operator | Version |
---|---|---|---|
seeddms seeddms | eq | 4.3.37 | |
seeddms seeddms | eq | 5.0.13 | |
seeddms seeddms | eq | 5.1.14 | |
seeddms seeddms | eq | 5.1.16 | |
seeddms seeddms | eq | 5.1.18 | |
seeddms seeddms | eq | 6.0.7 |