CVE-2015-1032

Опубликовано: 21 янв. 2015

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.

Релиз	Статус	Примечание
devel	not-affected
esm-apps/jammy	not-affected
hirsute	not-affected	2.0.5-3
impish	not-affected
jammy	not-affected
trusty	ignored	end of standard support
upstream	released	2.0.4-1
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2015-1032

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2015-1032

nvd

около 11 лет назад

Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.

CVE-2015-1032

debian

около 11 лет назад

Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when u ...

GHSA-jrf3-5554-9xcf

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.

4.3 Medium

CVSS2

CVE-2015-1032

Описание

Пакет kiwix

Ссылки на источники

Связанные уязвимости