Vulnerability Details CVE-2018-1000139
I, Librarian version 4.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-1000139
-
cpe:2.3:a:i-librarian:i_librarian:3.0
-
cpe:2.3:a:i-librarian:i_librarian:3.1
-
cpe:2.3:a:i-librarian:i_librarian:3.2
-
cpe:2.3:a:i-librarian:i_librarian:3.2.1
-
cpe:2.3:a:i-librarian:i_librarian:3.3
-
cpe:2.3:a:i-librarian:i_librarian:3.4
-
cpe:2.3:a:i-librarian:i_librarian:3.4.1
-
cpe:2.3:a:i-librarian:i_librarian:3.5
-
cpe:2.3:a:i-librarian:i_librarian:4.0
-
cpe:2.3:a:i-librarian:i_librarian:4.1
-
cpe:2.3:a:i-librarian:i_librarian:4.2
-
cpe:2.3:a:i-librarian:i_librarian:4.3
-
cpe:2.3:a:i-librarian:i_librarian:4.4
-
cpe:2.3:a:i-librarian:i_librarian:4.5
-
cpe:2.3:a:i-librarian:i_librarian:4.6
-
cpe:2.3:a:i-librarian:i_librarian:4.7
-
cpe:2.3:a:i-librarian:i_librarian:4.8