CVE-2014-2280
SeedDMS <4.3.4 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
References (5)
Scores
EPSS
0.0029
EPSS Percentile
52.5%
Details
CWE
CWE-79
Status
published
Products (4)
seeddms/seeddms
< 4.2.2
seeddms/seeddms
seeddms/seeddms
n/a/n/a
Published
Mar 20, 2014
Tracked Since
Feb 18, 2026