mayan-edms/Mayan-EDMS

Releases203

Frequency2 weeks 6 days

Last Release over 3 years ago

Stars813

Free Open Source Document Management System (mirror, no pull request or issues)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2014-3840 ↗	May 27, 2014Tuesday, 27 May 2014, 13:55	—	3.5 LOW
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form.