Seeddms: >> Seeddms >> 5.1.25 Security Vulnerabilities
The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code.
CVSS Score
5.4
EPSS Score
0.006
Published
2022-06-06
SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the "Role management" menu and then trigger the payload by loading the "Users management" menu
CVSS Score
4.8
EPSS Score
0.006
Published
2022-06-06