A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core prior to 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xapian xapian-core |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 18.04 |