CVE-2014-9301
- EPSS 4.21%
- Published 07.12.2014 21:59:02
- Last modified 12.04.2025 10:46:40
Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI ...
CVE-2014-9300
- EPSS 0.13%
- Published 07.12.2014 21:59:01
- Last modified 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition before 5.0.a allows remote attackers to hijack the authentication of users for requests tha...
CVE-2014-2939
- EPSS 0.59%
- Published 02.06.2014 19:55:03
- Last modified 12.04.2025 10:46:40
Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit.