9 matches found
EUVD-2025-19058
Malicious code in bioql PyPI...
CVE-2025-52880
Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting XSS vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker...
CVE-2025-52880
Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting XSS vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker...
CVE-2025-52880
Komga (media server for comics/manga/eBooks) has a documented XSS vulnerability in EPUB handling affecting versions 1.8.0–1.21.3. The flaw lets an attacker perform actions on the victim via crafted EPUBs, and when an admin user is targeted, it can combine with server-side commands to achieve arbi...
CVE-2025-52880 Komga Vulnerable to Arbitrary Code Execution via Crafted EPUB File
Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting XSS vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker...
CVE-2025-52880 Komga Vulnerable to Arbitrary Code Execution via Crafted EPUB File
Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting XSS vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker...
CVE-2025-52880 Komga Vulnerable to Arbitrary Code Execution via Crafted EPUB File
Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting XSS vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker...
PT-2025-26781 · Komga · Komga
Name of the Vulnerable Software and Affected Versions: Komga versions 1.8.0 through 1.21.3 Description: A Cross-Site Scripting XSS issue has been found in Komga when serving EPUB resources. This allows an attacker to perform actions on the victim's behalf. If an admin user is targeted, it can be...
Komga 安全漏洞
Komga is a media server for comics, magazines, and eBooks by Gauthier Personal Developers. A security vulnerability exists in Komga versions 1.8.0 through 1.21.3, which stems from the presence of cross-site scripting in the EPUB resource that could lead to execution of operations as a victim...