GHSA-5m6v-2xgf-qhrw
Suggest an improvement- Source
- https://github.com/advisories/GHSA-5m6v-2xgf-qhrw
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-5m6v-2xgf-qhrw/GHSA-5m6v-2xgf-qhrw.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-5m6v-2xgf-qhrw
- Aliases
- Published
- 2023-02-08T00:30:34Z
- Modified
- 2025-03-25T16:02:55.763866Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- 5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N CVSS Calculator
- Summary
- Mayan EDMS DMS XSS vulnerability
- Details
-
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system.
- Database specific
{ "github_reviewed_at": "2024-11-22T20:21:19Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-79" ], "nvd_published_at": "2023-02-07T22:15:00Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2022-47419
- https://github.com/mayan-edms/Mayan-EDMS
- https://github.com/pypa/advisory-database/tree/main/vulns/mayan-edms/PYSEC-2023-276.yaml
- https://www.mayan-edms.com/news/2023/02/version-4.3.6
- https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419
Affected packages
PyPI / mayan-edms
Package
- Name
- mayan-edms
- View open source insights on deps.dev
- Purl
- pkg:pypi/mayan-edms
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.6
Affected versions
1.*
1.0.rc1
1.0.rc2
1.0.rc3
1.0.0
1.1.0
1.1.1
2.*
2.0.0b1
2.0.0b2
2.0.0rc1
2.0.0
2.0.1
2.0.2
2.1rc1
2.1rc2
2.1
2.1.1
2.1.2
2.1.3
2.1.4
2.1.5
2.1.6
2.1.10
2.1.11
2.2b1
2.2b2
2.2b3
2.2rc1
2.2
2.3
2.4
2.5
2.5.1
2.5.2
2.6
2.6.1
2.6.2
2.6.3
2.6.4
2.7
2.7.1
2.7.2
2.7.3
3.*
3.0
3.0.1
3.0.2
3.0.3
3.1
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.2b1
3.2rc1
3.2
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
3.2.8
3.2.9
3.2.10
3.2.11
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
3.3.7
3.3.8
3.3.9
3.3.10
3.3.11
3.3.12
3.3.13
3.3.14
3.3.15
3.3.16
3.3.17
3.3.18
3.4
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.6
3.4.7
3.4.8
3.4.9
3.4.10
3.4.11
3.4.12
3.4.13
3.4.14
3.4.15
3.4.16
3.4.17
3.4.18
3.4.19
3.4.20
3.4.21
3.4.22
3.5
3.5.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.6
3.5.7
3.5.8
3.5.9
3.5.10
3.5.11
3.5.12
4.*
4.0b1
4.0b2
4.0b3
4.0b4
4.0rc1
4.0rc2
4.0rc3
4.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.15
4.0.16
4.0.17
4.0.18
4.0.19
4.0.20
4.0.21
4.0.22
4.0.23
4.0.24
4.1b1
4.1b2
4.1rc1
4.1rc2
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.1.8
4.1.9
4.1.10
4.1.11
4.1.12
4.2a1
4.2b1
4.2rc1
4.2
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
4.2.7
4.2.8
4.2.9
4.2.10
4.2.11
4.2.12
4.2.13
4.2.14
4.2.15
4.2.16
4.2.17
4.2.18
4.3a1
4.3rc1
4.3
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5