In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an malicious user to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alkacon opencms apollo template 10.5.4 |
||
alkacon opencms apollo template 10.5.5 |