Vulnerabilities in Popular DMS Products Can Expose Sensitive Documents

Multiple cross-site scripting (XSS) vulnerabilities in popular document management system (DMS) products could allow attackers to access sensitive documents, Rapid7 reports.DMS solutions help users manage the production, storage, and distribution of documents. They may also provide collaboration capabilities and support for managing other types of files.A total of eight XSS vulnerabilities were identified in products from OnlyOffice, OpenKM, LogicalDOC, and Mayan, all of which can be described a