calibreweb is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to improper sanitize input strings allowing attackers to steal cookies and inject arbitrary code into the victim’s web browser.
CPE | Name | Operator | Version |
---|---|---|---|
calibreweb | le | 0.6.15 | |
calibreweb | le | 0.6.15 |