Alkacon OpenCms is vulnerable to XSS via cmis-online/type
Moderate severity
GitHub Reviewed
Published
May 8, 2026
to the GitHub Advisory Database
•
Updated May 14, 2026
Description
Published by the National Vulnerability Database
May 8, 2026
Published to the GitHub Advisory Database
May 8, 2026
Reviewed
May 14, 2026
Last updated
May 14, 2026
A Cross Site Scripting vulnerability in Alkacon OpenCms before 10.5.1 exists via cmis-online/type.
References