2 matches found
CVE-2018-16405
An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS...
CVE-2018-16405
The CVE-2018-16405 issue affects Mayan EDMS prior to 3.0.2, where the Appearance app directly uses window.location, causing cross-site scripting (XSS). The vulnerability enables attacker-controlled navigation or script execution related to insufficient input sanitization in the Appearance compone...