Hyland Alfresco Content Services — known CVE vulnerabilities
Every CVE whose affected-product data names Hyland Alfresco Content Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-49964 — CVSS 8.8 (high): An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file…
CVE-2026-26336 — CVSS 7.5 (high): Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via the…
CVE-2024-40347 — CVSS 6.1 (medium): A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in…