Unrated severityNVD Advisory· Published Nov 5, 2025· Updated Nov 5, 2025
CVE-2025-57244
CVE-2025-57244
Description
OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting (XSS) in the user account creation interface. The Name field accepts script tags and the Email field is vulnerable when the POST request is modified to include encoded script tags, by passing frontend validation.
Affected products
2- OpenKM/Community Editiondescription
- Range: = 6.3.12
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.