AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter βsectionContentβ related to the functionality of adding notes to an uploaded file.
docubase.com
tessi.com
github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md