Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Alfresco Subscribe
Filtered by product Alfresco Transform Services
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41792 1 Alfresco 2 Alfresco Content Services, Alfresco Transform Services 2021-10-27 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF.