2023-02-07 21:41:39
rapid7
PUBLISHED
If an attacker has access to the console for OpenKM (and is authenticated), a stored XSS vulnerability is reachable in the document "note" functionality.