Opencms@17.0.0 Security Vulnerabilities and Issues — Opencms@17.0.0 CVE List

Lucene search

AlkaconOpencms17.0.0

3 matches found

CVE•added 2025/04/21 2:15 p.m.•118 views

CVE-2024-41446

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the image parameter under the Create/Modify article function.

5.4CVSS5.6AI score0.00052EPSS

CVE•added 2025/04/18 5:15 p.m.•67 views

CVE-2024-41447

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.

5.4CVSS5.7AI score0.00039EPSS

CVE•added 2025/04/21 3:15 p.m.•49 views

CVE-2024-42699

Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the image field

6.5CVSS6.6AI score0.00244EPSS