13 matches found
CVE-2026-42451
Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...
CVE-2026-42451
Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...
CVE-2026-42451 Grimmory: Stored XSS via Malicious EPUB Enables Session Token Theft
Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...
CVE-2026-42451 Grimmory: Stored XSS via Malicious EPUB Enables Session Token Theft
Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...
CVE-2026-42451
Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...
EUVD-2026-28861
Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...
Grimmory 跨站脚本漏洞
Grimmory is an open-source e-book management software developed by Grimmory. Versions of Grimmory prior to 2.3.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the browser EPUB reader, allowing attackers to embed arbitrary JavaScript in specially crafted EPUB file...
PT-2026-39217
Name of the Vulnerable Software and Affected Versions Grimmory versions prior to 2.3.1 Description A stored cross-site scripting XSS issue in the browser-based EPUB reader allows an attacker to embed arbitrary JavaScript within a crafted EPUB file. When a user opens the affected book, the script...
CVE-2025-63365
SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the EPUB file processing component, specifically in the functionality responsible for extracting and handling EPUB archive contents...
CVE-2025-63365
SoftSea EPUB File Reader 1.0.0.0 is affected by a Directory Traversal vulnerability in the EPUB processing component that handles archive extraction. The CVE details indicate a LOCAL attack vector with LOW attack complexity, requiring user interaction, and resulting in HIGH impact to confidential...
Linux Distros Unpatched Vulnerability : CVE-2016-10187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. CVE-2016-10187 Note that Nessu...
PocketBook - PDF, EPUB reader - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application PocketBook - PDF, EPUB reader published at the 'play' market has multiple vulnerabilities...
ePub Reader for Android - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application ePub Reader for Android published at the 'play' market has multiple vulnerabilities...