Vulners
Lucene search
2 matches found
Cross-site scripting invenio-records
Cross-Site Scripting XSS vulnerability in administration interface Impact A Cross-Site Scripting XSS vulnerability was discovered when rendering JSON for a record in the administration interface. The vulnerability could be exploited by e.g. a user who had access to upload a new record, that an...
5.4CVSS1AI score0.00206EPSS
Exploits0References4Affected Software1
Audio Record 1.0 - Arbitrary File Upload
Unrestricted file upload in record upload process allowing arbitrary extension...
3.3AI score
Exploits0References2Affected Software1
20