2 matches found
CVE-2015-4630
CVE-2015-4630 affects multiple Koha release series, 3.14 through 3.20: CSRF/XSS vulnerabilities allow (1) admin session hijack via memberentry.pl to create users, (2) privilege escalation to superlibrarian via member-flags.pl, and (3) arbitrary user hijack via addshelf XSS on opac-shelves.pl. Publicly known fixed...
CVE-2015-4631
CVE-2015-4631 concerns multiple cross-site scripting (XSS) vulnerabilities in Koha. Affected are Koha 3.14.x prior to 3.14.16, 3.16.x prior to 3.16.12, 3.18.x prior to 3.18.08, and 3.20.x prior to 3.20.1. The flaws allow remote attackers to inject arbitrary scripts via numerous parameters across ...