1 results (0.007 seconds)
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2025-0557 – Hyland Alfresco Community Edition URL s cross site scripting
https://notcve.org/view.php?id=CVE-2025-0557
18 Jan 2025 — A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and Alfresco Enterprise Edition up to 6.2.2. This affects an unknown part of the file /share/s/ of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.292491 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •