Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mayan_edms
(Mayan\-Edms)| Repositories | https://github.com/mayan-edms/mayan-edms |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-07 | CVE-2022-47419 | An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system. | Mayan_edms | 5.4 | ||
| 2018-09-03 | CVE-2018-16407 | An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled. | Mayan_edms | 6.1 | ||
| 2018-09-03 | CVE-2018-16406 | An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label. | Mayan_edms | 6.1 | ||
| 2018-09-03 | CVE-2018-16405 | An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS. | Mayan_edms | 6.1 | ||
| 2014-05-27 | CVE-2014-3840 | Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form. | Mayan_edms | N/A |