4 matches found
CVE-2026-50765
A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...
CVE-2026-50765
A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...
CVE-2026-50765
A stored cross-site scripting XSS vulnerability in the patron restriction type administration page of Koha Library Management System 0 through 25.11 versions allow an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label...
CVE-2026-50765
CVE-2026-50765 is a Cross-Site Scripting (XSS) vulnerability in Koha Library Management System (through version 25.11) affecting the patron restriction type administration page. An authenticated administrator can inject arbitrary scripts via the restriction type label (display_text field). The is...