Vulnerabilities > Hyland > Alfresco Content Services
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-20 | CVE-2024-40347 | Cross-site Scripting vulnerability in Hyland Alfresco Content Services 7.2.0 A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter htmlid. | 6.1 |
| 2023-12-11 | CVE-2023-49964 | Injection vulnerability in Hyland Alfresco Content Services 7.2.0 An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. | 8.8 |