Opencms Security Vulnerabilities and Issues — Opencms CVE List

Lucene search

AlkaconOpencms

3 matches found

CVE•added 2019/08/27 12:15 p.m.•99 views

CVE-2019-13236

In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the management interface.

6.1CVSS5.8AI score0.04252EPSS

CVE•added 2019/05/08 4:29 p.m.•45 views

CVE-2019-11818

Alkacon OpenCMS v10.5.4 and before is affected by stored cross site scripting (XSS) in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp). This allows an attacker to insert arbitrary JavaScript as user input (First Name or Last Name), which will be executed whenever the aff...

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2019/05/08 4:29 p.m.•40 views

CVE-2019-11819

Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp) via the First Name or Last Name.

7.8CVSS7.8AI score0.00203EPSS