Vulnerabilities > Alkacon > Opencms > 15.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-6379 | Cross-site Scripting vulnerability in Alkacon Opencms 14.0.0/15.0.0 Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template. | 6.1 |
| 2023-12-13 | CVE-2023-6380 | Open Redirect vulnerability in Alkacon Opencms 14.0.0/15.0.0 Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the 'Mercury' template. | 6.1 |
| 2023-07-20 | CVE-2023-37602 | Cross-site Scripting vulnerability in Alkacon Opencms 15.0.0 An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to execute arbitrary code via uploading a crafted PNG file. | 6.1 |