{"id":"CVE-2019-13234","details":"In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine.","aliases":["GHSA-fxp8-7h5w-h235"],"modified":"2026-04-11T12:10:32.941547Z","published":"2019-08-27T12:15:12.373Z","database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:a:alkacon:opencms_apollo_template:10.5.5:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"10.5.5"}]}]},"references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/154298/Alkacon-OpenCMS-10.5.x-Cross-Site-Scripting.html"},{"type":"FIX","url":"https://github.com/alkacon/apollo-template/commits/branch_10_5_x"},{"type":"EVIDENCE","url":"https://aetsu.github.io/OpenCms"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/alkacon/apollo-template","events":[{"introduced":"0"},{"last_affected":"e79434ea858a879fd9bc630830d293afb3fc2518"}],"database_specific":{"cpe":"cpe:2.3:a:alkacon:opencms_apollo_template:10.5.4:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"10.5.4"}]}}],"versions":["build_10_5_0","build_10_5_1","build_10_5_1_1","build_10_5_1_2","build_10_5_2","build_10_5_4"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-13234.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}