CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

BDU FSTEC•added 2019/02/05 12:0 a.m.•1 views

The vulnerability of the Xapian::MSet::snippet() function in the Xapian search library (xapian-core) allows a hacker to execute cross-site scripts.

The vulnerability of the Xapian::MSet::snippet function “queryparser/termgeneratorinternal.cc” from the Xapian full-text search library xapian-core is related to insufficient protection of the web page structure. Exploiting this vulnerability could allow a malicious actor to execute cross-site...

6.1CVSS6.5AI score0.01452EPSS

Exploits0References4Affected Software1

Snyk•added 2018/07/02 12:29 p.m.•3 views

Cross-site Scripting (XSS)

Overview xapian-core is a provides Xapian libraries and Ruby bindings. Affected versions of this package are vulnerable to Cross-site Scripting XSS. A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escapi...

6.1CVSS5.4AI score0.01452EPSS

Exploits0References2

OSV•added 2018/07/02 12:29 p.m.•2 views

ALPINE-CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

6.1CVSS6.2AI score0.01452EPSS

Exploits0References1

Cvelist•added 2018/07/02 12:0 p.m.•19 views

CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

5.8AI score0.01452EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by