Vulnerabilidades em docmost

8 resultados

CVE-2026-22249HIGHDocmost affected by an Arbitrary File Write via Zip Import Feature (ZipSlip)EPSS 0.5%CVE-2026-23630MEDIUMDocmost is vulnerable to stored Cross-Site Scripting (XSS) through Mermaid renderingEPSS 0.2%CVE-2026-24045HIGHDocmost Affected by Stored XSS in Public Share PageEPSS 0.2%CVE-2026-33146MEDIUMDocmost's Public Share Search Exposes Metadata of Restricted ChildrenEPSS 0.2%CVE-2026-34212MEDIUMDocmost page content has stored XSS via unsanitized attachment URLsEPSS 0.2%CVE-2026-33193MEDIUMDocmost vulnerable to stored XSS via MIME type spoofingEPSS 0.2%CVE-2026-34213MEDIUMDocmost has cross-page attachment overwrite via flawed attachmentId overwrite validationEPSS 0.2%CVE-2026-40927MEDIUMDocmost: XSS in Comments with JavaScript URIEPSS 0.1%