CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-47414

If an attacker has access to the console for OpenKM (and is authenticated), a stored XSS vulnerability is reachable in the document "note" functionality.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.8%

CVSS Severity

CVSS v3 Score 5.4

References

https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/
https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/

Products affected by CVE-2022-47414

Openkm » Openkm » Version: 6.3.12

cpe:2.3:a:openkm:openkm:6.3.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-47414

Products

Pricing

Contact Us