Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/02/27 4:13 a.m.9 views

CVE-2026-27974

Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modificatio...

4.8CVSS5.7AI score0.00189EPSS
Exploits0References1
NVD
NVD
added 2026/02/26 2:16 a.m.12 views

CVE-2026-27973

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library...

4.8CVSS0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/26 2:10 a.m.27 views

CVE-2026-27974 Audiobooksheld VUlnerable to Stored XSS in WrappingMarquee.js via Audiobook Metadata (Mobile App Audio Player)

Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modificatio...

4.8CVSS0.00189EPSS
Exploits0References2
CVE
CVE
added 2026/02/26 2:10 a.m.13 views

CVE-2026-27974

Audiobookshelf mobile app vulnerable to cross-site scripting (XSS) in all pre-0.12.0-beta versions. Malicious library metadata can execute JavaScript in victim WebViews when an attacker has library modification privileges or controls a malicious podcast RSS feed, potentially enabling session hija...

4.8CVSS5.7AI score0.00189EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/02/26 2:10 a.m.5 views

CVE-2026-27974 Audiobooksheld VUlnerable to Stored XSS in WrappingMarquee.js via Audiobook Metadata (Mobile App Audio Player)

Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modificatio...

4.8CVSS6.2AI score0.00189EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/26 2:6 a.m.6 views

CVE-2026-27973 Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results on Mobile App)

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library...

4CVSS5.7AI score0.00164EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/26 2:6 a.m.7 views

CVE-2026-27973

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library...

4.8CVSS5.7AI score0.00164EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2026/02/26 2:6 a.m.27 views

CVE-2026-27973 Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results on Mobile App)

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library...

4CVSS0.00164EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.12 views

PT-2026-22119

Name of the Vulnerable Software and Affected Versions Audiobookshelf versions prior to 0.12.0-beta Description Audiobookshelf is a self-hosted audiobook and podcast server. A cross-site scripting XSS issue exists in versions of the Audiobookshelf mobile application prior to version 0.12.0-beta...

4.8CVSS6AI score0.00189EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.10 views

PT-2026-22111

Name of the Vulnerable Software and Affected Versions Audiobookshelf versions prior to 0.12.0-beta Description Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS issue exists in versions prior to 0.12.0-beta of the Audiobookshelf mobile application. Th...

4.8CVSS5.5AI score0.00164EPSS
Exploits0References9
Rows per page
Query Builder