Vulnerabilities > Openkm > Openkm > 6.3.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-17 | CVE-2021-33950 | XXE vulnerability in Openkm 6.3.10 An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function. | 7.5 |
| 2022-11-13 | CVE-2022-3969 | Unspecified vulnerability in Openkm A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. | 5.5 |
| 2022-07-25 | CVE-2022-2131 | XXE vulnerability in Openkm 6.3.10 OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in XMLTextExtractor.java file without the required security flags, allowing an attacker to perform a XML external entity injection attack. | 9.8 |
| 2021-08-30 | CVE-2021-3628 | Cross-site Scripting vulnerability in Openkm 6.3.10 OpenKM Community Edition in its 6.3.10 version is vulnerable to authenticated Cross-site scripting (XSS). | 5.4 |