Описание
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the <input> tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 8%
0.00027
Низкий
5.4 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.4
nvd
2 месяца назад
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with `"` prematurely ends the `<input>` tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue.
CVSS3: 5.4
debian
2 месяца назад
Shaarli is a personal bookmarking service. Prior to version 0.16.0, cr ...
EPSS
Процентиль: 8%
0.00027
Низкий
5.4 Medium
CVSS3