Lucene search

K

GoogleOSV:CVE-2022-27920

HistoryMar 25, 2022 - 8:15 p.m.

CVE-2022-27920

2022-03-2520:15:09

Google

osv.dev

4

libkiwix

xss

vulnerability

webserver

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

30.9%

libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.

References

github.com/kiwix/libkiwix/issues/728

github.com/kiwix/libkiwix/pull/721

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KD4KX5N2PGMIOQR2IZWEUTZCCTPWU3EJ/

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

30.9%

Related for OSV:CVE-2022-27920

nvd1 cve1 cvelist1 prion1 fedora1 openvas1 ubuntucve1 debiancve1 veracode1