Seeddms: community verdicts
3 notable / known-exploited Seeddms CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Seeddms CVE, see NVD ↗.
- CVE-2020-28727MED 6.1EPSS 1%
Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.
- CVE-2021-26216MED 4.3EPSS 0%
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
- CVE-2021-26215MED 4.3EPSS 0%
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.