Vulnerabilities > Logicaldoc > Logicaldoc > 8.7.3

DATE CVE VULNERABILITY TITLE RISK
2023-02-07 CVE-2022-47418 Cross-site Scripting vulnerability in Logicaldoc 8.7.3/8.8.2
LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the document version comments.
network
low complexity
logicaldoc CWE-79
5.4
5.4
2023-02-07 CVE-2022-47415 Cross-site Scripting vulnerability in Logicaldoc 8.7.3/8.8.2
LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app messaging system (both subject and message bodies).
network
low complexity
logicaldoc CWE-79
5.4
5.4
2023-02-07 CVE-2022-47417 Cross-site Scripting vulnerability in Logicaldoc 8.7.3/8.8.2
LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the document file name.
network
low complexity
logicaldoc CWE-79
5.4
5.4