Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

ATTACKERKB
ATTACKERKBadded 2022/02/19 4:15 a.m.4 views

CVE-2022-24980

An issue was discovered in the Kitodo.Presentation aka dif extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to vie...

7.5CVSS5.9AI score0.00857EPSS
Exploits0References3
CNNVD
CNNVDadded 2022/02/15 12:0 a.m.2 views

Kitodo Presentation 代码问题漏洞

Kitodo Presentation is a feature-rich framework for building METS or IIIF-based digital libraries. A code issue vulnerability exists in Kitodo Presentation that stems from the product's failure to adequately validate user-supplied input in eID scripts. A remote attacker could use this vulnerabili...

7.5CVSS7.6AI score0.00857EPSS
Exploits0References5
Veracode
Veracodeadded 2020/08/03 3:57 a.m.15 views

Cross-site Scripting (XSS)

kitodo/presentation is vulnerable to cross-site scripting XSS. The vulnerability exists as it does not sanitize the value of $piVar in ListView.php, and Navigation.php...

6.1CVSS1.6AI score0.00275EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder