Cross-site Scripting (XSS)

🗓️ 03 Aug 2020 03:23:57Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 13 Views

kitodo/presentation vulnerable to cross-site scripting (XSS) due to unsanitized inpu

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2020-16095	29 Jul 202015:15	–	cve
OSV	CVE-2020-16095	29 Jul 202015:15	–	osv
OSV	GHSA-FPQV-X9HM-35J9 Cross-site Scripting vulnerability in Kitodo.Presentation	31 Jul 202017:39	–	osv
Github Security Blog	Cross-site Scripting vulnerability in Kitodo.Presentation	31 Jul 202017:39	–	github
CNVD	TYPO3 dlf extension cross-site scripting vulnerability	31 Jul 202000:00	–	cnvd
Prion	Cross site scripting	29 Jul 202015:15	–	prion
Cvelist	CVE-2020-16095	29 Jul 202014:45	–	cvelist
NVD	CVE-2020-16095	29 Jul 202015:15	–	nvd
Typo3	Cross-Site Scripting in extension "Kitodo.Presentation" (dlf)	29 Jul 202000:00	–	typo3

Vulners

Node

citrix kitodo/presentationRange3.0.0-beta.1–3.1.1php

citrix kitodo/presentationMatch2.3.0php

Source	Link
github	www.github.com/kitodo/kitodo-presentation/commit/6a67256388350cc69efa7f36bbaee50c919ca23c
typo3	www.typo3.org/security/advisory/typo3-ext-sa-2020-015
github	www.github.com/advisories/GHSA-fpqv-x9hm-35j9
typo3	www.typo3.org/help/security-advisories

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Aug 2020 03:57Current

1.6Low risk

Vulners AI Score1.6

CVSS24.3

CVSS36.1

EPSS0.00325