CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-47417

LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the document file name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.2%

CVSS Severity

CVSS v3 Score 5.4

References

https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/
https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/

Products affected by CVE-2022-47417

Logicaldoc » Logicaldoc » Version: 8.7.3

cpe:2.3:a:logicaldoc:logicaldoc:8.7.3
Logicaldoc » Logicaldoc » Version: 8.8.2

cpe:2.3:a:logicaldoc:logicaldoc:8.8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-47417

Products

Pricing

Contact Us