| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2023-42346 |
high |
7.5 |
7.5 |
20d ago |
Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external host |
|
| CVE-2023-42344 |
high |
7.3 |
7.3 |
20d ago |
Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information |
|
| CVE-2023-42345 |
medium |
6.1 |
6.1 |
20d ago |
Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp |
|
| CVE-2023-42343 |
medium |
6.1 |
6.1 |
20d ago |
Alkacon OpenCms is vulnerable to XSS via cmis-online/type |
|
| CVE-2015-2351 |
medium |
— |
4.3 |
11y ago |
Alkacon OpenCMS XSS via homelink, workplaceresource, mode and query parameters |
|
| CVE-2013-4600 |
medium |
— |
4.3 |
13y ago |
Alkacon OpenCMS XSS via title and requestedResource parameters |
|