Vulnerabilities > Seafile > Seafile > 9.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-09 | CVE-2023-28873 | Cross-site Scripting vulnerability in Seafile 9.0.6 An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor. | 5.4 |
| 2023-12-09 | CVE-2023-28874 | Open Redirect vulnerability in Seafile 9.0.6 The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites. | 6.1 |