CVE-2022-28051
N/A
N/A
Summary
The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://sourceforge.net/p/seeddms/code/ci/6fc17be5d95e8f00fbe5c124c4acd377fa2ce69d/
- https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md
- https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051
References
- https://sourceforge.net/p/seeddms/code/ci/6fc17be5d95e8f00fbe5c124c4acd377fa2ce69d/
- https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md
- https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.