PT-2023-15294 · Openkm · Openkm

Matthew Kienow

Published

2023-02-07

Updated

2025-03-25

CVE-2022-47414

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions OpenKM (affected versions not specified)

Description A stored XSS issue is present in the document "note" functionality of OpenKM, accessible if an attacker has console access and is authenticated.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2022-47414

Affected Products

Openkm

PT-2023-15294 · Openkm · Openkm

CVE-2022-47414

Weakness Enumeration

Related Identifiers

Affected Products

References · 7