Vulnerabilities > Papermerge

DATE CVE VULNERABILITY TITLE RISK
2020-12-02 CVE-2020-29456 Cross-site Scripting vulnerability in Papermerge
Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function.
network
low complexity
papermerge CWE-79
6.1