Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2024-40500

Disclosure Date: August 12, 2024 (last updated February 26, 2025)
Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-3021

Disclosure Date: May 31, 2023 (last updated February 25, 2025)
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-3020

Disclosure Date: May 31, 2023 (last updated February 25, 2025)
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-4333

Disclosure Date: October 23, 2017 (last updated November 26, 2024)
Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to recentchanges.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0