Vulnerabilities > Alfresco > Alfresco > 5.2.3

DATE CVE VULNERABILITY TITLE RISK
2020-03-02 CVE-2020-8778 Cross-site Scripting vulnerability in Alfresco
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
network
alfresco CWE-79
3.5
3.5
2020-03-02 CVE-2020-8777 Cross-site Scripting vulnerability in Alfresco
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
network
alfresco CWE-79
3.5
3.5
2020-03-02 CVE-2020-8776 Cross-site Scripting vulnerability in Alfresco
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
network
alfresco CWE-79
3.5
3.5
2019-12-02 CVE-2019-19496 Cross-site Scripting vulnerability in Alfresco
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document.
network
alfresco CWE-79
3.5
3.5