6 matches found
EUVD-2020-29625
Malware in sbrugna...
EUVD-2020-18380
Malware in sbrugna...
CVE-2021-41790
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...
CVE-2020-8777
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 rb65251d6-b368 has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document...
CVE-2020-25728
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm involving an increment that allows a malicious user to change any user's account password include the admin account...
Alfresco sql injection vulnerability
Alfresco is an open source enterprise content management system. The platform page using Freemarker development , the main features include document management , collaboration , records management , knowledge base management , Web content management and so on. A sql injection vulnerability exists...