VYPR

Bitnami package

alfresco

pkg:bitnami/alfresco

Vulnerabilities (4)

  • CVE-2020-18327Mar 4, 2022
    affected >= 5.2.0, <= 5.2.0

    Cross Site Scripting (XSS) vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2

  • CVE-2020-8778Mar 2, 2020
    affected < 5.2.7fixed 5.2.7

    Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.

  • CVE-2020-8777Mar 2, 2020
    affected < 5.2.7fixed 5.2.7

    Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.

  • CVE-2020-8776Mar 2, 2020
    affected < 5.2.7fixed 5.2.7

    Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.