CVE-2021-3628
OpenKM Community Edition 6.3.10 is vulnerable to authenticated Cross-site Scripting (XSS) via the uuid parameter. The issue arises from unvalidated input in the uuid field, allowing an attacker to inject arbitrary client-side code after authentication. Documented across multiple sources (NVD entr...