7 matches found
CVE-2023-29850
SENAYAN Library Management System (SLiMS) Bulian v9.5.2 is affected: it does not strip EXIF data from uploaded images, allowing disclosure of information such as geolocation and device data. The underlying root cause is the failure to strip metadata in image uploads. Current connected documents d...
CVE-2023-24086
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView...
CVE-2023-24086
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView...
Cross site scripting
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView...
CVE-2023-24086
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView...
CVE-2023-24086
SLIMS v9.5.2 is affected by a reflected Cross-Site Scripting (XSS) vulnerability in the component /customs/loan_by_class.php?reportView. The CVE-2023-24086 entry notes a reflected XSS with CVSS v3.1 properties: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, indicating a network-exposed vulnerability requir...
CVE-2023-24086
SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView...