| CVE-2025-14691 |
medium |
6.1 |
6.1 |
|
|
|
6mo ago |
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be … |
| CVE-2025-14692 |
medium |
6.1 |
6.1 |
|
|
|
6mo ago |
A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the atta… |
| CVE-2014-3840 |
low |
— |
4.5 |
|
|
|
12y ago |
Mayan EDMS multiple cross-site scripting (XSS) vulnerabilities |
| CVE-2022-47419 |
unknown |
— |
— |
|
|
|
3y ago |
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system. |
| CVE-2018-16407 |
unknown |
— |
— |
|
|
|
8y ago |
An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled. |
| CVE-2018-16406 |
unknown |
— |
— |
|
|
|
8y ago |
An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label. |
| CVE-2018-16405 |
unknown |
— |
— |
|
|
|
8y ago |
An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS. |
