Cross-site scripting (XSS) vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.opencms:opencms-core(Maven) | 0 | 7.0.4 | N/A |
CVSS Metrics
