Approved changes feed: RSS · Atom
cpe:2.3:a:alfresco:alfresco:*:*:*:*:enterprise:*:*:*
part: a version: * update: *
| Vendor | Alfresco (b338720d-dfdf-5d10-a1a9-03dfedca0038) |
|---|---|
| Product | Alfresco (8c67c75f-906d-56ed-a53e-f29bc4184beb) |
| Edition | * |
| Language | * |
| Software edition | enterprise |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-8778 |
vulnerable | 2026-06-08 05:27:19.667551 |
Details available
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
Published: 2020-03-02T18:30:13.000Z
Updated: 2024-08-04T10:12:10.551Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8777 |
vulnerable | 2026-06-08 05:27:19.667018 |
Details available
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
Published: 2020-03-02T18:30:08.000Z
Updated: 2024-08-04T10:12:10.186Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8776 |
vulnerable | 2026-06-08 05:27:19.665516 |
Details available
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
Published: 2020-03-02T18:30:04.000Z
Updated: 2024-08-04T10:12:10.589Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-19496 |
vulnerable | 2026-06-08 05:13:23.009541 |
Details available
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document.
Published: 2019-12-02T03:01:53.000Z
Updated: 2024-08-05T02:16:48.206Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2939 |
vulnerable | 2026-06-08 05:05:30.482581 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit.
Published: 2014-06-02T19:00:00.000Z
Updated: 2024-08-06T10:28:46.176Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.