Vulnerabilities > Openkm > Openkm > 6.3.12
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-07 | CVE-2022-47413 | Cross-site Scripting vulnerability in Openkm 6.3.12 Given a malicious document provided by an attacker, the OpenKM DMS is vulnerable to a stored (persistent, or "Type II") XSS condition. | 5.4 |
2023-02-07 | CVE-2022-47414 | Cross-site Scripting vulnerability in Openkm 6.3.12 If an attacker has access to the console for OpenKM (and is authenticated), a stored XSS vulnerability is reachable in the document "note" functionality. | 5.4 |