Lucene search

Seafile Server Security Vulnerabilities

cve

CVE-2023-28873

An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-12-09 07:15 AM

cve

CVE-2023-28874

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary...

6.1CVSS

6.2AI Score

0.0005EPSS

2023-12-09 07:15 AM

cve

CVE-2021-43820

Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether the....

7.4CVSS

5.5AI Score

0.001EPSS

2021-12-14 07:15 PM

cve

CVE-2014-5443

Seafile Server before 3.1.2 and Server Professional Edition before 3.1.0 allow local users to gain privileges via vectors related to ccnet handling user...

7.8CVSS

7.5AI Score

0.0004EPSS

2018-03-19 09:29 PM