Lucene search
Veracode Vulnerability DatabaseVERACODE:34861HistoryMar 28, 2022 - 7:43 a.m.
Cross-site Scripting (XSS)
2022-03-2807:43:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
cross-site scripting
libkiwix.so
searchurl
webserver
attacker
malicious code
EPSS
0.001
Percentile
30.9%
libkiwix.so is vulnerable to cross-site scripting(XSS) attacks. The library does not properly escape the searchURL parameter in the built-in webserver functionality, which allows an attacker to inject and execute malicious code.
Related
nvd
nvd
CVE-2022-27920
2022-03-25 20:15:09
cve
cve
CVE-2022-27920
2022-03-25 20:15:09
cvelist
cvelist
CVE-2022-27920
2022-03-25 20:00:38
prion
prion
Cross site scripting
2022-03-25 20:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: libkiwix-10.1.0-1.fc35
2022-04-04 01:25:01
openvas
openvas
Fedora: Security Advisory for libkiwix (FEDORA-2022-d0fe2a444a)
2022-04-05 00:00:00
osv
osv
CVE-2022-27920
2022-03-25 20:15:09
ubuntucve
ubuntucve
CVE-2022-27920
2022-03-25 00:00:00
debiancve
debiancve
CVE-2022-27920
2022-03-25 20:15:09