3 matches found
CVE-2022-47417 LogicalDOC Document File Name Stored XSS
LogicalDOC Enterprise and Community Edition CE are vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition in the document file name...
CVE-2022-47417
CVE-2022-47417 affects LogicalDOC Enterprise and Community Edition (CE). The issue is a stored (persistent) cross-site scripting (XSS) vulnerability in the document file name. The provided documents specify the vulnerability type and affected product, but do not include concrete exploit details, ...
Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)
Through the course of routine security testing and analysis, Rapid7 has discovered several issues in on-premises installations of open source and freemium Document Management System DMS offerings from four vendors. While all of the discovered issues are instances of CWE-79: Improper Neutralizatio...