Vulnerabilities > Seafile > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-09 | CVE-2023-28873 | Cross-site Scripting vulnerability in Seafile 9.0.6 An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor. | 5.4 |
| 2023-12-09 | CVE-2023-28874 | Open Redirect vulnerability in Seafile 9.0.6 The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites. | 6.1 |
| 2021-12-14 | CVE-2021-43820 | Unspecified vulnerability in Seafile Server Seafile is an open source cloud storage system. | 5.9 |
| 2021-04-06 | CVE-2021-30146 | Cross-site Scripting vulnerability in Seafile 7.0.5 Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library functionality." | 5.4 |