CVE-2022-47417

Name of the Vulnerable Software and Affected Versions LogicalDOC Enterprise and Community Edition (CE) (affected versions not specified)

Description The issue is a stored cross-site scripting (XSS) condition, specifically a "Type II" or persistent XSS, that occurs in the document file name. This means that an attacker could potentially inject malicious scripts into the file names of documents, which would then be executed when the file name is displayed or processed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.