6 matches found
CVE-2020-8777
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 rb65251d6-b368 has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...
Alfresco 5.2.4 Cross Site Scripting
Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...
Alfresco 5.2.4 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link:...
CVE-2020-8777
CVE-2020-8777 affects Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0. The issue is a stored XSS via a user profile photo, demonstrated by a SCRIPT element in an SVG document. Public references document XSS in the SVG photo handling and note affected versions; an Exploit-DB e...