icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

OpenCms Multiple Input Validation Vulnerabilities

Medium

Synopsis

The remote web server is vulnerable to multiple attack vectors.

Description

The remote web server is running Alkacon OpenCms, a web-based content management system. The installed version is earlier than 7.5.1. Such versions are potentially affected by multiple issues :

- Multiple cross-site scripting issues.

- Multiple SQL-injection issues.

- Multiple input-validation vulnerabilities that allow 'phishing through frames' attacks.

- Multiple input-validation vulnerabilities that may results in information disclosure.

Solution

Upgrade to OpenCms 7.5.1 or later.