CVE-2024-39123 | janeczku Calibre-Web up to 0.6.21 edit_book_comments cross site scripting

Inserito da Angelo Barbosa | Lug 19, 2024 | CVE

A vulnerability has been found in janeczku Calibre-Web up to 0.6.21 and classified as problematic. Affected by this vulnerability is the function edit_book_comments. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-39123. The attack can be launched remotely. There is no exploit available.

CVE-2024-39123 | janeczku Calibre-Web up to 0.6.21 edit_book_comments cross site scripting

Post correlati

CVE-2024-24824 | Graylog2 Server up to 5.1.10/5.2.3 HTTP PUT Request authorization (GHSA-p6gg-5hf4-4rgj)

CVE-2023-6280 | 52North WPS up to 4.0.0-beta.10 HTTP Request xml external entity reference

CVE-2024-11728 | iqonicdesign KiviCare Plugin up to 3.6.4 on WordPress visit_type[service_id] sql injection

CVE-2024-22373 | Mathieu Malaterre Grassroot DICOM 3.0.23 DICOM File DecodeByStreamsCommon memory corruption (TALOS-2024-1935)