Skip to main content

Dotcms

42 CVEs product

Monthly

CVE-2025-11165 CRITICAL Act Now

Sandbox escape in dotCMS Velocity scripting engine (VTools) allows authenticated users to execute arbitrary SQL. CVSS 9.9 with scope change — affects one of the largest Java CMS platforms.

Tomcat Java Dotcms
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2024-3938 MEDIUM This Month

The "reset password" login page accepted an HTML injection via URL parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Dotcms
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-3165 MEDIUM This Month

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dotcms
NVD GitHub
CVSS 3.1
4.5
EPSS
0.5%
CVE-2024-3164 MEDIUM This Month

In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is and always has been an Admin portlet, is accessible to anyone with that portlet and not just to CMS. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dotcms
NVD GitHub
CVSS 3.1
4.5
EPSS
0.5%
CVE-2023-3042 MEDIUM This Month

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes (//) from URLs, potentially enabling bypasses for XSS and access controls. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java XSS Dotcms
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-35740 MEDIUM POC This Month

dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain sensitive information by using a semicolon in a URL to introduce a matrix parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Tomcat XSS Dotcms
NVD GitHub
CVSS 3.1
6.1
EPSS
1.2%
CVE-2022-37431 MEDIUM This Month

A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dotcms
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-26352 CRITICAL POC KEV THREAT Emergency

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Dotcms
NVD
CVSS 3.1
9.8
EPSS
91.5%
CVE-2021-35361 MEDIUM POC This Month

A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/links of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-35360 MEDIUM POC This Month

A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/containers of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-35358 MEDIUM POC This Month

A stored cross site scripting (XSS) vulnerability in dotAdmin/#/c/c_Images of dotCMS 21.05.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-27848 HIGH POC PATCH This Week

dotCMS before 20.10.1 allows SQL injection, as demonstrated by the /api/v1/containers orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-35274 MEDIUM POC This Month

DotCMS Add Template with admin panel 20.11 is affected by cross-site Scripting (XSS) to gain remote privileges. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD Exploit-DB VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-6754 CRITICAL POC THREAT Act Now

dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Dotcms
NVD GitHub
CVSS 3.1
9.8
EPSS
94.8%
CVE-2019-12872 HIGH This Week

dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.3%
CVE-2019-12309 MEDIUM PATCH This Month

dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Dotcms
NVD GitHub
CVSS 3.0
4.9
EPSS
1.3%
CVE-2019-11846 MEDIUM POC This Month

/servlets/ajax_file_upload?fieldName=binary3 in dotCMS 5.1.1 allows XSS and HTML Injection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-19554 MEDIUM This Month

An issue was discovered in Dotcms through 5.0.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dotcms
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-16980 MEDIUM POC This Month

dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/image_tools/index.jsp fieldName and inode parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2017-15219 MEDIUM POC This Month

The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Scripting (XSS) affecting a vanity-urls Title field, a containers Description field, and a templates Description field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-11466 HIGH POC PATCH This Week

Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE File Upload Path Traversal Dotcms
NVD GitHub
CVSS 3.0
7.2
EPSS
3.1%
CVE-2017-6003 MEDIUM This Month

dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dotcms
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5344 CRITICAL POC Act Now

An issue was discovered in dotCMS through 3.6.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Dotcms
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
8.1%
CVE-2017-5877 MEDIUM POC This Month

XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /about-us/locations/index direction parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5876 MEDIUM POC This Month

XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events date parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5875 MEDIUM POC This Month

XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-2355 CRITICAL PATCH Act Now

SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Dotcms
NVD GitHub
CVSS 3.0
9.8
EPSS
0.7%
CVE-2016-8908 HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-8907 HIGH POC PATCH This Week

SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-8906 HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-8905 HIGH POC PATCH This Week

SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-8904 HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > Containers pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.4%
CVE-2016-8903 HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.4%
CVE-2016-8902 CRITICAL POC PATCH Act Now

SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2016-8600 HIGH POC This Week

In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dotcms
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2016-4803 HIGH POC This Week

CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Dotcms
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-4040 HIGH This Week

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Dotcms
NVD GitHub
CVSS 3.0
7.2
EPSS
0.4%
CVE-2016-3688 MEDIUM POC This Month

SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Information Disclosure Dotcms
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-3972 LOW POC Monitor

Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Dotcms
NVD
CVSS 3.0
2.7
EPSS
0.1%
CVE-2016-3971 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD
CVSS 3.0
4.8
EPSS
0.2%
CVE-2013-3484 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) _loginUserName parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-1826 Maven MEDIUM PATCH This Month

dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted (1) XSLT or (2) Velocity template. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

Privilege Escalation Java Dotcms
NVD GitHub
CVSS 2.0
6.0
EPSS
1.0%
EPSS 0% CVSS 9.9
CRITICAL Act Now

Sandbox escape in dotCMS Velocity scripting engine (VTools) allows authenticated users to execute arbitrary SQL. CVSS 9.9 with scope change — affects one of the largest Java CMS platforms.

Tomcat Java Dotcms
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The "reset password" login page accepted an HTML injection via URL parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Dotcms
NVD
EPSS 0% CVSS 4.5
MEDIUM This Month

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Dotcms
NVD GitHub
EPSS 0% CVSS 4.5
MEDIUM This Month

In dotCMS dashboard, the Tools and Log Files tabs under System → Maintenance Portlet, which is and always has been an Admin portlet, is accessible to anyone with that portlet and not just to CMS. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dotcms
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes (//) from URLs, potentially enabling bypasses for XSS and access controls. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java XSS Dotcms
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain sensitive information by using a semicolon in a URL to introduce a matrix parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Tomcat XSS +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dotcms
NVD
EPSS 92% CVSS 9.8
CRITICAL POC KEV THREAT Emergency

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Dotcms
NVD
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/links of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/containers of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC This Month

A stored cross site scripting (XSS) vulnerability in dotAdmin/#/c/c_Images of dotCMS 21.05.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

dotCMS before 20.10.1 allows SQL injection, as demonstrated by the /api/v1/containers orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

DotCMS Add Template with admin panel 20.11 is affected by cross-site Scripting (XSS) to gain remote privileges. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD Exploit-DB VulDB
EPSS 95% CVSS 9.8
CRITICAL POC THREAT Act Now

dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Dotcms
NVD GitHub
EPSS 1% CVSS 7.2
HIGH This Week

dotCMS before 5.1.6 is vulnerable to a SQL injection that can be exploited by an attacker of the role Publisher via view_unpushed_bundles.jsp. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Dotcms
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Dotcms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

/servlets/ajax_file_upload?fieldName=binary3 in dotCMS 5.1.1 allows XSS and HTML Injection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

An issue was discovered in Dotcms through 5.0.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dotcms
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/image_tools/index.jsp fieldName and inode parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Scripting (XSS) affecting a vanity-urls Title field, a containers Description field, and a templates Description field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD
EPSS 3% CVSS 7.2
HIGH POC PATCH This Week

Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE File Upload Path Traversal +1
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

dotCMS 3.7.0 has XSS reachable from ext/languages_manager/edit_language in portal/layout via the bottom two form fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dotcms
NVD
EPSS 8% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in dotCMS through 3.6.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Dotcms
NVD GitHub Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM POC This Month

XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /about-us/locations/index direction parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

XSS was discovered in dotCMS 3.7.0, with an unauthenticated attack against the /news-events/events date parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Dotcms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

SQL injection vulnerability in the JSONTags servlet in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the sort parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > Containers pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS before 3.3.1 allows remote authenticated attackers to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Dotcms
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dotcms
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Dotcms
NVD
EPSS 0% CVSS 7.2
HIGH This Week

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Dotcms
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Information Disclosure Dotcms
NVD
EPSS 0% CVSS 2.7
LOW POC Monitor

Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Dotcms
NVD
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in lucene_search.jsp in dotCMS before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to c/portal/layout. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) _loginUserName parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Dotcms
NVD GitHub VulDB
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted (1) XSLT or (2) Velocity template. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

Privilege Escalation Java Dotcms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy