Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Stored Cross-Site Scripting (XSS) vulnerability exists in SeedDMS 6.0.29. A user or rogue admin with the "Add Category" permission can inject a malicious XSS payload into the category name field. When a document is subsequently associated with this category, the payload is stored on the server and rendered without proper sanitization or output encoding. This results in the XSS payload executing in the browser of any user who views the document.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SeedDMS 安全漏洞
Vulnerability Description
SeedDMS是SeedDMS开源的一套基于PHP和MySql的开源文档管理系统。该系统主要用于存储和共享文档。 SeedDMS 6.0.29版本存在安全漏洞。攻击者利用该漏洞可以远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A