2 matches found
CVE-2018-1000139
I, Librarian version 4.8 and earlier contains a Cross Site Scripting XSS vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user...
CVE-2018-1000139
CVE-2018-1000139 affects Scilico I, Librarian prior to version 4.8. The issue is a Cross Site Scripting (XSS) vulnerability in the user-controllable parameter "id" within stable.php, allowing an attacker to inject a malicious script that could be executed in a victim’s browser. The linked Red Hat...