High severity7.3NVD Advisory· Published May 8, 2026· Updated May 8, 2026
CVE-2023-42344
CVE-2023-42344
Description
Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.opencms:opencms-coreMaven | < 10.5.1 | 10.5.1 |
Affected products
2Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.