Opencms Apollo Template@10.5.4 Security Vulnerabilities and Issues — Opencms Apollo Template@10.5.4 CVE List

Lucene search

AlkaconOpencms Apollo Template10.5.4

3 matches found

CVE•added 2019/08/27 12:15 p.m.•93 views

CVE-2019-13235

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form.

6.1CVSS5.8AI score0.04252EPSS

CVE•added 2019/08/27 12:15 p.m.•89 views

CVE-2019-13234

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine.

6.1CVSS5.8AI score0.02035EPSS

CVE•added 2019/08/27 12:15 p.m.•88 views

CVE-2019-13237

In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp.

4.3CVSS4.4AI score0.04138EPSS