exploitDog

GHSA-rrhw-9hrp-fr9r

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web script or HTML via a crafted list name.

Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web script or HTML via a crafted list name.

Ссылки

EPSS

Процентиль: 40%

0.00181

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2015-4639

CVSS3: 8.8

nvd

больше 8 лет назад

Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web script or HTML via a crafted list name.

CVE-2015-4639

CVSS3: 8.8

debian

больше 8 лет назад

Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl ...

EPSS

Процентиль: 40%

0.00181

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-352