CVE-2017-1000236

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-1000236
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000236.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000236
Published
2017-11-17T04:29:00Z
Modified
2024-09-03T01:34:29.106291Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

I, Librarian version <=4.6 & 4.7 is vulnerable to Reflected Cross-Site Scripting in the temp.php resulting in an attacker being able to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site.

References

Affected packages

Git / github.com/mkucej/i-librarian

Affected ranges

Type
GIT
Repo
https://github.com/mkucej/i-librarian
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected

Affected versions

3.*

3.0
3.1
3.2
3.2.1
3.3
3.4
3.4.1
3.5

4.*

4.0
4.1
4.2
4.3
4.4
4.5
4.6
4.7