Scilico: Security Vulnerabilities
Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component.
CVSS Score
8.6
EPSS Score
0.004
Published
2024-08-12
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
CVSS Score
4.1
EPSS Score
0.0
Published
2023-05-31
Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to recentchanges.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-10-23