Vulnerability Details CVE-2022-47415
LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app messaging system (both subject and message bodies).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.9%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2022-47415
-
cpe:2.3:a:logicaldoc:logicaldoc:8.7.3
-
cpe:2.3:a:logicaldoc:logicaldoc:8.8.2