3 matches found
CVE-2026-26378
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features...
EUVD-2026-34169
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features...
Koha 安全漏洞
Koha is a library automation management system developed by the Koha organization. Versions of Koha prior to 25.11 contained a security vulnerability, which stemmed from the file upload feature in the invoice function. This vulnerability could allow remote attackers to execute arbitrary code...