Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote malicious users to inject arbitrary web script or HTML via the (1) find, (2) lib, or (3) sid parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
exlibrisgroup aleph 500 18.1 |
||
exlibrisgroup aleph 500 20.0 |