CVE-2014-8957
OpenKM is affected by a Cross-site Scripting (XSS) vulnerability (CVE-2014-8957) present in versions prior to 6.4.19. The issue allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter. The vulnerability impact is limited to confidentiality/integrity of the...