Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Kiwix Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27920 2 Fedoraproject, Kiwix 2 Fedora, Libkiwix 2022-04-08 4.3 MEDIUM 6.1 MEDIUM
libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.
CVE-2015-1032 1 Kiwix 1 Kiwix 2018-10-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.