4 matches found
CVE-2022-31192
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item...
de.the-library-code.dspace:addon-duplication-detection-service-jspui (>=6.2.0 <=6.3.1), de.the-library-code.dspace:addon-identifiers-enduring-submission-jspui (=6.3.0) +1 more potentially affected by CVE-2022-31192 via org.dspace:dspace-jspui (>=6.0 <=6.3)
org.dspace:dspace-jspui MAVEN version =6.0, =6.2.0, =6.0, =6.3 Source cves: CVE-2022-31192 Source advisory: OSV:GHSA-4WM8-C2VV-XRPQ...
CVE-2022-31192 Cross Site Scripting possible in DSpace JSPUI "Request a Copy" feature
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item...
CVE-2022-31192 Cross Site Scripting possible in DSpace JSPUI "Request a Copy" feature
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item...