Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openkm openkm vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-47414
If an attacker has access to the console for OpenKM (and is authenticated), a stored XSS vulnerability is reachable in the document "note" functionality.
Openkm Openkm 6.3.12
5.4
CVSSv3
CVE-2023-50072
A Stored Cross-Site Scripting (XSS) vulnerability exists in OpenKM version 7.1.40 (dbb6e88) With Professional Extension that allows an authenticated user to upload a note on a file which acts as a stored XSS payload. Any user who opens the note of a document file will trigger the...
Openkm Openkm 7.1.40
1 Github repository
7.5
CVSSv3
CVE-2021-33950
An issue discovered in OpenKM v6.3.10 allows malicious users to obtain sensitive information via the XMLTextExtractor function.
Openkm Openkm 6.3.10
5.4
CVSSv3
CVE-2021-3628
OpenKM Community Edition in its 6.3.10 version is vulnerable to authenticated Cross-site scripting (XSS). A remote attacker could exploit this vulnerability by injecting arbitrary code via de uuid parameter.
Openkm Openkm 6.3.10
NA
CVE-2024-35475
A Cross-Site Request Forgery (CSRF) vulnerability exists in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an malicious user to manipulate a victim with administrative privileges to execute arbitrary SQL comman...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2