20 matches found
EUVD-2023-1232
Malicious code in bioql PyPI...
EUVD-2023-1210
Malicious code in bioql PyPI...
EUVD-2023-1163
Malicious code in bioql PyPI...
CVE-2023-29015
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could create a specially crafted comment, resulting ...
CVE-2023-29014
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following ...
Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter
Impact A reflected cross-site scripting vulnerability has been identified in Goobi viewer core when evaluating the LOGID parameter. An attacker could trick a user into following a specially crafted link to a Goobi viewer installation, resulting in the execution of malicious script code in the...
GHSA-622W-995C-3C3H Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
Impact A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core. An attacker could create a specially crafted comment, resulting in the execution of malicious script code in the user's browser when displaying the comment. Patches The vulnerability...
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
Impact A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core. An attacker could create a specially crafted comment, resulting in the execution of malicious script code in the user's browser when displaying the comment. Patches The vulnerability...
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
Impact A cross-site scripting vulnerability has been identified in Goobi viewer core when using nicknames. An attacker could create a user account and enter malicious scripts into their profile's nickname, resulting in the execution in the user's browser when displaying the nickname on certain...
CVE-2023-29016
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29014
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following ...
Cross site scripting
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29016 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29016 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29016 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter malicious scripts int...
CVE-2023-29015 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could create a specially crafted comment, resulting ...
CVE-2023-29015 Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could create a specially crafted comment, resulting ...
CVE-2023-29014 Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following ...
CVE-2023-29014 Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following ...
Intranda Goobi Viewer Core 跨站脚本漏洞
Intranda Goobi Viewer Core is a Web-based digital library system from Intranda, Germany. A cross-site scripting vulnerability exists in Intranda Goobi Viewer Core prior to version 23.03, which stems from a cross-site scripting XSS vulnerability in the user comments feature. The vulnerability can ...