Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x prior to 3.14.16, 3.16.x prior to 3.16.12, and 3.20.x prior to 3.20.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted list name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
koha koha 3.16.00 |
||
koha koha 3.16.05 |
||
koha koha 3.16.06 |
||
koha koha 3.14.00 |
||
koha koha 3.14.07 |
||
koha koha 3.14.08 |
||
koha koha 3.14.15 |
||
koha koha 3.20.00 |
||
koha koha 3.16.03 |
||
koha koha 3.16.04 |
||
koha koha 3.14.05 |
||
koha koha 3.14.06 |
||
koha koha 3.14.13 |
||
koha koha 3.14.14 |
||
koha koha 3.16.07 |
||
koha koha 3.16.08 |
||
koha koha 3.14.01 |
||
koha koha 3.14.02 |
||
koha koha 3.14.09 |
||
koha koha 3.14.10 |
||
koha koha 3.16.01 |
||
koha koha 3.16.02 |
||
koha koha 3.16.09 |
||
koha koha 3.16.10 |
||
koha koha 3.16.11 |
||
koha koha 3.14.03 |
||
koha koha 3.14.04 |
||
koha koha 3.14.11 |
||
koha koha 3.14.12 |