Shodan
Vulnerabilities
Vulnerable Software
Alfresco:  >> Alfresco  >> 4.1.6  Security Vulnerabilities
CVE-2020-8776
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
CVSS Score
5.4
EPSS Score
0.008
Published
2020-03-02
CVE-2020-8777
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
CVSS Score
5.4
EPSS Score
0.006
Published
2020-03-02
CVE-2020-8778
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
CVSS Score
5.4
EPSS Score
0.008
Published
2020-03-02
CVE-2019-19496
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document.
CVSS Score
5.4
EPSS Score
0.003
Published
2019-12-02
CVE-2014-2939
Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved