1 min read

XSS Vulnerabilities in Papermerge <= 2.0.0rc43

XSS Vulnerabilities in Papermerge <= 2.0.0rc43
Photo by JJ Ying / Unsplash

Multiple cross-site scripting (XSS) vulnerabilities in Papermerge allow remote attackers to inject arbitrary web script or HTML via various parameters.

Papermerge is an open source document management system (DMS) primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers - you can quickly scan them and configure your scanner to directly upload to Papermerge DMS.

Source: https://github.com/ciur/papermerge
CVE - CVE-2021-28231
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
CVE - CVE-2020-29456
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.