Lucene search

CVE-2024-39123

🗓️ 19 Jul 2024 20:07:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 29 Views🌐 WEB

Janeczku Calibre-Web 0.6.0 to 0.6.21 XSS Vulnerability via edit_book_comments

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
0day.today	Calibre-web 0.6.21 - Stored XSS Vulnerability	24 Aug 202400:00	–	zdt
NVD	CVE-2024-39123	19 Jul 202420:15	–	nvd
Cvelist	CVE-2024-39123	19 Jul 202400:00	–	cvelist
Vulnrichment	CVE-2024-39123	19 Jul 202400:00	–	vulnrichment
Veracode	Cross Site Scripting(XSS)	22 Jul 202405:31	–	veracode
Packet Storm	Calibre Web 0.6.21 Cross Site Scripting	26 Aug 202400:00	–	packetstorm
OSV	GHSA-J22R-3RF3-CV25 Calibre-Web Cross Site Scripting (XSS)	19 Jul 202421:31	–	osv
Exploit DB	Calibre-web 0.6.21 - Stored XSS	23 Aug 202400:00	–	exploitdb
Github Security Blog	Calibre-Web Cross Site Scripting (XSS)	19 Jul 202421:31	–	github

Source	Link
github	www.github.com/pentesttoolscom/vulnerability-research/tree/master/CVE-2024-39123

Parameter	Position	Path	Description	CWE
Comments	request body	/table?data=list&sort_param=stored	Stored Cross-Site Scripting (XSS) vulnerability allows injection of malicious scripts in user comments.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Jul 2024 20:15Current

5.9Medium risk

Vulners AI Score5.9

CVSS35.4

EPSS0.00637

SSVC

CWE-79