12 matches found
Goobi viewer - Core 访问控制错误漏洞
Goobi Viewer - Core is a digital data display and browsing web application framework developed by intranda GmbH. In versions 4.8.0 to 26.04.1 of Goobi Viewer - Core, there was an access control vulnerability. This vulnerability stemmed from REST endpoints accepting arbitrary Solr stream expressio...
GHSA-622W-995C-3C3H Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
Impact A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core. An attacker could create a specially crafted comment, resulting in the execution of malicious script code in the user's browser when displaying the comment. Patches The vulnerability...
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
Impact A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core. An attacker could create a specially crafted comment, resulting in the execution of malicious script code in the user's browser when displaying the comment. Patches The vulnerability...
Intranda Goobi Viewer Core 跨站脚本漏洞
Intranda Goobi Viewer Core is a Web-based digital library system from Intranda, Germany. A cross-site scripting vulnerability exists in Intranda Goobi Viewer Core versions prior to 23.03, which stems from the presence of a cross-site scripting XSS vulnerability. The vulnerability can be exploited...
Intranda Goobi Viewer Core 跨站脚本漏洞
Intranda Goobi Viewer Core is a Web-based digital library system from Intranda, Germany. A cross-site scripting vulnerability exists in Intranda Goobi Viewer Core prior to version 23.03, which stems from a cross-site scripting XSS vulnerability in the user comments feature. The vulnerability can ...
Intranda Goobi Viewer Core Path Traversal Vulnerability
Intranda Goobi Viewer Core is a Web-based digital library system from Intranda, Germany. A path traversal vulnerability exists in Intranda Goobi Viewer Core versions prior to 4.8.3. A remote attacker could exploit this vulnerability to access files on the server...
CVE-2020-15124
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosure of sensitive...
CVE-2020-15124
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosure of sensitive...
CVE-2020-15124
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosure of sensitive...
Path traversal
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosure of sensitive...
CVE-2020-15124 Path traversal in Goobi viewer Core
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosure of sensitive...
CVE-2020-15124
Goobi Viewer Core contains a path traversal vulnerability affecting versions prior to 4.8.3. The issue could allow remote attackers to access files on the server that are readable by the application server user (e.g., Tomcat), potentially leading to disclosure of sensitive information. The vulner...