org.opencms:opencms-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2023-42345Mediumorg.opencms:opencms-core: Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jspCVE-2023-42346Highorg.opencms:opencms-core: Alkacon OpenCms is vulnerable to XXE when the <!DOCTYPE> refers to an external hostCVE-2023-42344Highorg.opencms:opencms-core: Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive informationCVE-2023-42343Mediumorg.opencms:opencms-core: Alkacon OpenCms is vulnerable to XSS via cmis-online/typeCVE-2024-42699Loworg.opencms:opencms-core: OpenCMS Cross-Site Scripting vulnerabilityCVE-2024-41446Mediumorg.opencms:opencms-core: OpenCMS cross-site scripting (XSS) vulnerabilityCVE-2024-41447Mediumorg.opencms:opencms-core: Alkacon OpenCMS stored cross-site scripting (XSS) vulnerabilityCVE-2024-5520Mediumorg.opencms:opencms-core: OpenCMS Cross-Site Scripting vulnerabilityCVE-2023-6379Mediumorg.opencms:opencms-core: Alkacon OpenCMS XSS via Mercury templateCVE-2023-37602Mediumorg.opencms:opencms-core: Alkacon OpenCMS arbitrary file upload vulnerabilityCVE-2023-31544Mediumorg.opencms:opencms-core: alkacon-OpenCMS vulnerable to stored Cross-site ScriptingCVE-2019-11818Loworg.opencms:opencms-core: Alkacon OpenCMS XSS via New User moduleCVE-2019-11819Highorg.opencms:opencms-core: Alkacon OpenCMS CSV Injection via New User moduleCVE-2013-4600Loworg.opencms:opencms-core: Alkacon OpenCMS XSS via title and requestedResource parametersCVE-2015-2351Loworg.opencms:opencms-core: Alkacon OpenCMS XSS via homelink, workplaceresource, mode and query parametersCVE-2008-1753Loworg.opencms:opencms-core: Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jspCVE-2008-1510Loworg.opencms:opencms-core: Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameterCVE-2008-1300Loworg.opencms:opencms-core: Alkacon Open CMS XSS via Logfile Viewer Settings functionCVE-2008-1301Mediumorg.opencms:opencms-core: Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameterCVE-2008-1045Loworg.opencms:opencms-core: Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jspCVE-2006-3936Mediumorg.opencms:opencms-core: Alkacon OpenCms Exposes JSP Source CodeCVE-2006-3935Mediumorg.opencms:opencms-core: Alkacon OpenCMS Improper Access Control via system/workplace/views/admin/admin-main.jspCVE-2006-3934Mediumorg.opencms:opencms-core: Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameterCVE-2006-3933Loworg.opencms:opencms-core: Alkacon OpenCms XSS via unsanitized message bodyCVE-2006-2571Loworg.opencms:opencms-core: Alkacon OpenCms XSS via query parameter in a search action

Stop the waste.
Protect your environment with Kodem.