Documize Security Vulnerabilities and Issues — Documize CVE List

Lucene search

DocumizeDocumize

2 matches found

CVE•added 2023/12/29 7:15 a.m.•64 views

CVE-2023-23634

SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint.

9.8CVSS9.9AI score0.02215EPSS

CVE•added 2019/12/06 4:15 a.m.•62 views

CVE-2019-19619

domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS.

6.1CVSS6AI score0.00419EPSS