Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intranda goobi viewer core vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-15124
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote malicious users to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potentially lead to the disclosur...
Intranda Goobi Viewer Core
6.1
CVSSv3
CVE-2023-29014
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a use...
Intranda Goobi Viewer Core
6.1
CVSSv3
CVE-2023-29015
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could create a specially crafted co...
Intranda Goobi Viewer Core
6.1
CVSSv3
CVE-2023-29016
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create a user account and enter mali...
Intranda Goobi Viewer Core
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started