Alist@* Security Vulnerabilities and Issues — Alist@* CVE List

Lucene search

Alist ProjectAlist*

3 matches found

CVE•added 2022/03/12 1:15 a.m.•82 views

CVE-2022-26533

Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist.

6.1CVSS6AI score0.00228EPSS

CVE•added 2023/06/07 2:15 p.m.•43 views

CVE-2023-33498

alist

8.8CVSS8.7AI score0.00107EPSS

CVE•added 2024/09/30 4:15 p.m.•43 views

CVE-2024-47067

AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:link_name takes in a user-provided value and reflects it back in the response. The endpoint returns an application/xml response, opening it up t...

6.1CVSS5.7AI score0.00025EPSS