Opencms@10.5.3 Security Vulnerabilities and Issues — Opencms@10.5.3 CVE List

Lucene search

AlkaconOpencms10.5.3

2 matches found

CVE•added 2018/03/20 7:29 a.m.•56 views

CVE-2018-8811

Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS allows only registered user...

8.8CVSS9AI score0.00293EPSS

CVE•added 2018/03/20 7:29 a.m.•56 views

CVE-2018-8815

Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image.

4.6CVSS4.5AI score0.00194EPSS