Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- securityfocus.com: 73012 vdb-entryx_transferred
- https://www.youtube.com/watch?v=3jBQFAAq23k&feature=youtu.be x_transferred
- http://packetstormsecurity.com/files/130723/OpenKM-Stored-Cross-Site-Scripting.html x_transferred