Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/156599/Alfresco-5.2.4-Cross-Site-Scripting.html | Third Party Advisory VDB Entry |
https://gitlab.com/snippets/1937042 | Exploit Third Party Advisory |
https://issues.alfresco.com/jira/browse/ALF-22110 | Permissions Required Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-02T18:30:13
Updated: 2020-03-03T15:06:01
Reserved: 2020-02-07T00:00:00
Link: CVE-2020-8778
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-02T19:15:12.930
Modified: 2022-05-24T17:43:04.450
Link: CVE-2020-8778
JSON object: View
Redhat Information
No data.
CWE