Security Updates

• Session Fixation vulnerability
  31-10-2018      affects versions : 12.4, 12.3, 11.2, 10.2


• XSS vulnerability in Channel Overview via malformed channel name
  31-10-2018      affects versions : 12.5, 12.4, 11.2, 10.2


• DoS (OOM) Vulnerability in Apache PDFBox's AFMParser (CVE-2018-8036)
  31-10-2018      affects versions : 12.5, 12.4, 11.2, 10.2


• Improperly Implemented Security Check for Standard, Improper Authorization and Improper Input Validation in Spring Framework (CVE-2018-1257, CVE-2018-1258, CVE-2018-1270)
  31-10-2018      affects versions :


• XSS vulnerability through table summary in rich text field
  13-06-2018      affects versions : 12.3, 11.2, 10.2


• DoS Vulnerabilities in BPG and CHM Parsers of Apache Tika (CVE-2018-1338, CVE-2018-1339)
  07-05-2018      affects versions : 12.3, 12.2, 11.2, 10.2


• Improper Access Control vulnerability in Apache Commons FileUpload (CVE-2016-1000031)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS Vulnerability in HST MessagesReplace Tag
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple Vulnerabilities in Camunda Web Application
  26-04-2018      affects versions : 12.2


• Multiple DOS and XXE Vulnerabilities in Apache POI
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• DOS vulnerability in Apache Xerces2 (CVE-2012-0881)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple XXS and DOS vulnerabilities in Apache Wicket 6
  26-04-2018      affects versions : 11.2, 10.2


• Multiple Vulnerabilities in Apache Groovy
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple Spring Framework and Spring Security Vulnerabilities
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Multiple deserialization vulnerabilities in FasterXML Jackson2 databind
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS vulnerability in JSoup (CVE-2015-6748)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS vulnerability in CKEditor 'image2' plugin
  26-04-2018      affects versions : 12.2, 12.1, 11.2


• XXE vulnerability in Apache PDFBox (CVE-2016-2175)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Deserialization of Untrusted Data in Apache Tika (CVE-2016-6809)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• Improper Input Validation in Apache Commons BeanUtils (CVE-2014-0114)
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• CSRF vulnerability in Apache Jackrabbit webdav module (CVE-2016-6801)
  26-04-2018      affects versions : 11.2, 10.2


• Multiple Vulnerabilities in Apache HTTP Components and Apache HTTP Client
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS vulnerabilities in translation dialogs
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS vulnerability in reporting dashboard via document names
  26-04-2018      affects versions : 12.2, 11.2, 10.2


• XSS vulnerability in Dashboard via user IDs
  26-04-2018      affects versions : 12.2, 11.2, 10.2

• Previous
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• Next