mayan-edms/mayan-edms

mayan-edms/mayan-edms

Advanced enterprise Free Open Source DMS (document management system).

CVE History

CVEPublishedCVSS v2CVSS v3
CVE-2018-164056.1 MEDIUM4.3 MEDIUM
An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS.
CVE-2018-164066.1 MEDIUM4.3 MEDIUM
An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label.
CVE-2018-164076.1 MEDIUM4.3 MEDIUM
An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled.