Vulnerabilities > Logicaldoc > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-07 | CVE-2022-47418 | Cross-site Scripting vulnerability in Logicaldoc 8.7.3/8.8.2 LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the document version comments. | 5.4 |
| 2023-02-07 | CVE-2022-47415 | Cross-site Scripting vulnerability in Logicaldoc 8.7.3/8.8.2 LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app messaging system (both subject and message bodies). | 5.4 |
| 2023-02-07 | CVE-2022-47416 | Cross-site Scripting vulnerability in Logicaldoc 8.8.2 LogicalDOC Enterprise is vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app chat system. | 5.4 |
| 2023-02-07 | CVE-2022-47417 | Cross-site Scripting vulnerability in Logicaldoc 8.7.3/8.8.2 LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the document file name. | 5.4 |
| 2020-03-18 | CVE-2020-10365 | SQL Injection vulnerability in Logicaldoc LogicalDoc before 8.3.3 allows SQL Injection. | 6.5 |
| 2017-07-17 | CVE-2017-1000023 | Cross-site Scripting vulnerability in Logicaldoc LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML document. | 5.4 |