Описание
LogicalDOC Enterprise is vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app chat system.
Ссылки
- https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/ExploitThird Party Advisory
- https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:logicaldoc:logicaldoc:8.8.2:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 3 лет назад
LogicalDOC Enterprise is vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app chat system.
EPSS
Процентиль: 49%
0.00256
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79