Vulnerabilities > Openkm > Openkm > 6.4.18

DATE CVE VULNERABILITY TITLE RISK
2017-10-06 CVE-2014-8957 Cross-site Scripting vulnerability in Openkm 6.4.18
Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter.
network
low complexity
openkm CWE-79
5.4
5.4