• Security Vulnerabilities on 6.3 - CE

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 #52773  by MohamadAli
 
Hello,

In our company we are looking to deploy an edms, and OpenKM is on the list of possible solutions.
For now we are exploring 6.3 - CE, we have been working with it for 3 months (80 employees), it is hosted on a local server (no internet access).

To connect it to internet, we were looking for security issues and found that there is a Vulnerability in 6.3 CE (https://www.cvedetails.com/vulnerabilit ... penkm.html).

My question is, is there a way to solve this vulnerability in CE or should we switch to professional edition?

Also, can you provide us some info about pricing for professional edition?

Thanks
 #52779  by jllort
 
These vulnerabilities have been corrected in the last OpenKM version and currently, the application should not be affected by them. Usually, when users detect a vulnerability contact us, give time to solve it, and then they report in this kind of page ( that is the regular process ).
 #52798  by jllort
 
The OKMInstaller.jar available from here https://www.openkm.com/en/download.html will install the latest version of OpenKM ( last release from github ). You should use the installer ( in the download section of the website have a video where explain how to use the installer, watch it ).

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.