Search Results | AttackerKB

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2023-3982

Disclosure Date: July 27, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2023-3981

Disclosure Date: July 27, 2023 (last updated February 25, 2025)

Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2.

Attack Vector: Network Privileges: High User Interaction: None

Attacker Value

Unknown

CVE-2023-3980

Disclosure Date: July 27, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2021-26799

Disclosure Date: July 23, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2018-13423

Disclosure Date: July 07, 2018 (last updated November 27, 2024)

admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag.

11 Total Results

Displaying 1-10 of 11

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification