3 matches found
CVE-2025-45754
A stored cross-site scripting XSS vulnerability exists in SeedDMS 6.0.32. This vulnerability allows an attacker to inject malicious JavaScript payloads by creating a document with an XSS payload as the document name...
CVE-2025-45754
A stored cross-site scripting XSS vulnerability exists in SeedDMS 6.0.32. This vulnerability allows an attacker to inject malicious JavaScript payloads by creating a document with an XSS payload as the document name...
CVE-2025-45754
SeedDMS 6.0.32 is affected by a stored XSS vulnerability: an attacker can inject JavaScript by using an XSS payload as a document name. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N with a base score of 5.4 (Medium). Exploitation details beyond creating a document name are ...