Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:31 a.m.4 views

CVE-2024-50344

I, Librarian is an open-source version of a PDF managing SaaS. Supplemental Files are allowed to be viewed in the browser, only if they have a white-listed MIME type. Unfortunately, this logic is broken, thus allowing unsafe files containing Javascript to be executed with the application context...

4.6CVSS6.9AI score0.00277EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/30 3:51 p.m.19 views

CVE-2024-50344 I, Librarian has a Stored XSS vulnerability in Supplemental Files

I, Librarian is an open-source version of a PDF managing SaaS. Supplemental Files are allowed to be viewed in the browser, only if they have a white-listed MIME type. Unfortunately, this logic is broken, thus allowing unsafe files containing Javascript to be executed with the application context...

4.6CVSS6.9AI score0.00277EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/30 3:51 p.m.21 views

CVE-2024-50344 I, Librarian has a Stored XSS vulnerability in Supplemental Files

I, Librarian is an open-source version of a PDF managing SaaS. Supplemental Files are allowed to be viewed in the browser, only if they have a white-listed MIME type. Unfortunately, this logic is broken, thus allowing unsafe files containing Javascript to be executed with the application context...

4.6CVSS0.00277EPSS
Exploits0References2
CVE
CVE
added 2024/10/30 3:51 p.m.58 views

CVE-2024-50344

I, Librarian is affected by a vulnerability in its handling of Supplemental Files. Versions prior to 5.11.2 allow unsafe files containing JavaScript to execute within the application context due to broken MIME-type whitelisting. The issue can be triggered by uploading a malicious file and has bee...

4.6CVSS4.7AI score0.00277EPSS
Exploits0References2
Rows per page
Query Builder