Filtered by vendor Seafile
Subscriptions
Filtered by product Seafile
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28874 | 1 Seafile | 1 Seafile | 2024-11-21 | 6.1 Medium |
| The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites. | ||||
| CVE-2023-28873 | 1 Seafile | 1 Seafile | 2024-11-21 | 5.4 Medium |
| An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows attackers to inject JavaScript into the Markdown editor. | ||||
| CVE-2021-30146 | 1 Seafile | 1 Seafile | 2024-11-21 | 5.4 Medium |
| Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library functionality." | ||||
| CVE-2013-7469 | 1 Seafile | 1 Seafile | 2024-11-21 | N/A |
| Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. | ||||
Page 1 of 1.