NuytsTech Security

CVE-2021-3628

by ·

OpenKM Community Edition in its 6.3.10 version is vulnerable to authenticated Cross-site scripting (XSS). A remote attacker could exploit this vulnerability by injecting arbitrary code via de uuid parameter.

Date published : 2021-08-30

https://docs.openkm.com/kcenter/view/okm-6.3-com/migration-guide.html

https://github.com/openkm/document-management-system/issues/278

Tags: