Opencms@* Security Vulnerabilities and Issues — Opencms@* CVE List

Lucene search

AlkaconOpencms*

2 matches found

CVE•added 2006/07/31 10:4 p.m.•50 views

CVE-2006-3933

Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.2.2 allows remote authenticated users to inject arbitrary web script or HTML via the message body.

3.5CVSS5.3AI score0.00387EPSS

CVE•added 2006/07/31 10:4 p.m.•47 views

CVE-2006-3934

Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter.

4CVSS6.4AI score0.00354EPSS