Filtered by vendor Kiwix
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27920 | 2 Fedoraproject, Kiwix | 2 Fedora, Libkiwix | 2022-04-08 | 4.3 MEDIUM | 6.1 MEDIUM |
libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0. | |||||
CVE-2015-1032 | 1 Kiwix | 1 Kiwix | 2018-10-09 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search. |