Vulnerabilidades em DSpace
11 resultadosCVE-2021-41189HIGHCommunities and collections administrators can escalate their privilege up to system administratorEPSS 2.0%CVE-2022-31195HIGHPath traversal vulnerability in Simple Archive Format package import in DSpaceEPSS 1.1%CVE-2022-31194HIGHPath traversal vulnerabilities in DSpace JSPUI submission uploadEPSS 0.9%CVE-2022-31190MEDIUMMetadata of withdrawn Items is exposed to anonymous users in DSpace XMLUIEPSS 0.7%CVE-2022-31191HIGHCross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete toolsEPSS 0.6%CVE-2022-31192HIGHCross Site Scripting possible in DSpace JSPUI "Request a Copy" featureEPSS 0.6%CVE-2022-31189MEDIUM"Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitizationEPSS 0.6%CVE-2022-31193HIGHURL Redirection to Untrusted Site in Dspace JSPUIEPSS 0.6%CVE-2025-53622MEDIUMDSpace has path traversal vulnerability in Simple Archive Format (SAF) package import via contents fileEPSS 0.4%CVE-2024-38364LOWDSpace Cross Site Scripting (XSS) via a deposited HTML/XML documentEPSS 0.4%CVE-2025-53621MEDIUMDSpace vulnerable to XML External Entity (XXE) injection in import via Simple Archive Format (SAF) or import from external sourcesEPSS 0.4%