Knowledgetree Document Management: >> Knowledgetree Document Management >> 3.0.2 Security Vulnerabilities
The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
CVSS Score
6.5
EPSS Score
0.006
Published
2009-01-06
Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281.
CVSS Score
4.3
EPSS Score
0.003
Published
2009-01-06