3 matches found
CVE-2019-19496
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...
CVE-2019-19496
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...
CVE-2019-19496
CVE-2019-19496 affects Alfresco Enterprise (pre-5.2.5). The vulnerability is a stored XSS via an uploaded HTML document in the web app. Root cause is insufficient validation of client-side data during upload, enabling script execution in the victim’s browser. Affected versions are Alfresco Enterp...