169 matches found
CVE-2022-47416
LogicalDOC Enterprise is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app chat system...
Cross site scripting
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app messaging system both subject and message bodies...
Cross site scripting
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
Cross site scripting
LogicalDOC Enterprise is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app chat system...
CVE-2022-47418
LogicalDOC Enterprise and CE are affected by a stored (Type II) cross-site scripting (XSS) in document version comments. Vulnerable component: the document version comments handling in LogicalDOC; root cause described as a stored XSS condition. Impact: confidentiality and integrity may be affecte...
CVE-2022-47418 LogicalDOC Document Version Comment Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document version comments...
CVE-2022-47418 LogicalDOC Document Version Comment Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document version comments...
CVE-2022-47417 LogicalDOC Document File Name Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
CVE-2022-47417
CVE-2022-47417 affects LogicalDOC Enterprise and Community Edition (CE). The issue is a stored (persistent) cross-site scripting (XSS) vulnerability in the document file name. The provided documents specify the vulnerability type and affected product, but do not include concrete exploit details, ...
CVE-2022-47417 LogicalDOC Document File Name Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
CVE-2022-47416 LogicalDOC Chat Stored XSS
LogicalDOC Enterprise is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app chat system...
CVE-2022-47416
Technical details for CVE-2022-47416 are not provided in the connected documents. The Initial Description notes a stored XSS in LogicalDOC Enterprise's in-app chat; no product versions, impact, or remediation are detailed here. Monitor for updates.
CVE-2022-47416 LogicalDOC Chat Stored XSS
LogicalDOC Enterprise is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app chat system...
CVE-2022-47415
Technical details about CVE-2022-47415 are not publicly available in the provided Connected documents. Monitor official advisories and CVE listings for affected products, impact, and available patches.
CVE-2022-47415 LogicalDOC Messaging Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app messaging system both subject and message bodies...
CVE-2022-47415 LogicalDOC Messaging Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the in-app messaging system both subject and message bodies...
Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)
Through the course of routine security testing and analysis, Rapid7 has discovered several issues in on-premises installations of open source and freemium Document Management System DMS offerings from four vendors. While all of the discovered issues are instances of CWE-79: Improper Neutralizatio...
Logicaldoc LogicalDOC 跨站脚本漏洞
LogicalDOC is the U.S. LogicalDOC company a set of document management system developed using Java technology . The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC Enterprise and Community Edition CE. An attacker cou...
Logicaldoc LogicalDOC 跨站脚本漏洞
LogicalDOC is the U.S. LogicalDOC company a set of document management system developed using Java technology . The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC Enterprise. An attacker could exploit this...
LogicalDOC 跨站脚本漏洞
LogicalDOC is the U.S. LogicalDOC company a set of document management system developed using Java technology . The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC Enterprise and Community Edition CE. An attacker cou...