Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:seeddms:seeddms:6.0.18:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-28479 |
SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the "Role management" menu and then trigger the payload by loading the "Users management" menu Published: June 06, 2022; 7:15:08 PM -0400 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2022-28051 |
The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code. Published: June 06, 2022; 7:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |