CVE-2022-47415

CVE-2022-47415: LogicalDOC Messaging Stored XSS

Vendor Logicaldoc
Product LogicalDOC Enterprise
Weakness CWE-79 · XSS
Published February 7, 2023
Last update March 25, 2025

CVSS base score

What the vulnerability does

01Description

LogicalDOC Enterprise and Community Edition (CE) are vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition in the in-app messaging system (both subject and message bodies).

Key dates

02Disclosure timeline

February 7, 2023 CVE published
March 25, 2025 Record updated

Related vulnerabilities

04Related CVE