Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/156599/Alfresco-5.2.4-Cross-Site-Scripting.html | Third Party Advisory VDB Entry |
https://gitlab.com/snippets/1937042 | Exploit Third Party Advisory |
https://issues.alfresco.com/jira/browse/ALF-22110 | Permissions Required Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-02T18:30:04
Updated: 2020-03-03T15:06:00
Reserved: 2020-02-07T00:00:00
Link: CVE-2020-8776
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-02T19:15:12.820
Modified: 2022-05-24T17:42:36.570
Link: CVE-2020-8776
JSON object: View
Redhat Information
No data.
CWE