CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Scilico: >> I, Librarian >> 4.3 Security Vulnerabilities

CVE-2017-1000237

I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.

CVSS Score

9.8

EPSS Score

0.004

Published

2017-11-17

Page 2

Vulnerabilities

Vulnerable Software

Scilico: >> I, Librarian >> 4.3 Security Vulnerabilities

Products

Pricing

Contact Us