Stored XSS Vulnerability in Add Category Functionality of SeedDMS Version 6.0.18 and 5.1.25

Stored XSS Vulnerability in Add Category Functionality of SeedDMS Version 6.0.18 and 5.1.25

CVE-2022-28051 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code.

Learn more about our Web Application Penetration Testing UK.