admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2015/4xxx/CVE-2015-4631.json
CVE Team d20ddbbf8b
- Synchronized data.
2018-10-18 16:22:22 -04:00

113 lines
4.9 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4631",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to inject arbitrary web script or HTML via the (1) tag parameter to opac-search.pl; the (2) value parameter to authorities/authorities-home.pl; the (3) delay parameter to acqui/lateorders.pl; the (4) authtypecode or (5) tagfield to admin/auth_subfields_structure.pl; the (6) tagfield parameter to admin/marc_subfields_structure.pl; the (7) limit parameter to catalogue/search.pl; the (8) bookseller_filter, (9) callnumber_filter, (10) EAN_filter, (11) ISSN_filter, (12) publisher_filter, or (13) title_filter parameter to serials/serials-search.pl; or the (14) author, (15) collectiontitle, (16) copyrightdate, (17) isbn, (18) manageddate_from, (19) manageddate_to, (20) publishercode, (21) suggesteddate_from, or (22) suggesteddate_to parameter to suggestion/suggestion.pl; or the (23) direction, (24) display or (25) addshelf parameter to opac-shelves.pl."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "37389",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37389/"
},
{
"name" : "20150625 SBA Research Vulnerability Disclosure - Multiple Critical Vulnerabilities in Koha ILS",
"refsource" : "FULLDISC",
"url" : "https://seclists.org/fulldisclosure/2015/Jun/80"
},
{
"name" : "https://packetstormsecurity.com/files/132458/Koha-ILS-3.20.x-CSRF-XSS-Traversal-SQL-Injection.html",
"refsource" : "MISC",
"url" : "https://packetstormsecurity.com/files/132458/Koha-ILS-3.20.x-CSRF-XSS-Traversal-SQL-Injection.html"
},
{
"name" : "https://www.sba-research.org/2015/06/24/researchers-of-sba-research-found-several-critical-security-vulnerabilities-in-the-koha-library-software-via-combinatorial-testing/",
"refsource" : "MISC",
"url" : "https://www.sba-research.org/2015/06/24/researchers-of-sba-research-found-several-critical-security-vulnerabilities-in-the-koha-library-software-via-combinatorial-testing/"
},
{
"name" : "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416",
"refsource" : "CONFIRM",
"url" : "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416"
},
{
"name" : "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14418",
"refsource" : "CONFIRM",
"url" : "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14418"
},
{
"name" : "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14423",
"refsource" : "CONFIRM",
"url" : "https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14423"
},
{
"name" : "https://koha-community.org/koha-3-14-16-released/",
"refsource" : "CONFIRM",
"url" : "https://koha-community.org/koha-3-14-16-released/"
},
{
"name" : "https://koha-community.org/security-release-koha-3-16-12/",
"refsource" : "CONFIRM",
"url" : "https://koha-community.org/security-release-koha-3-16-12/"
},
{
"name" : "https://koha-community.org/security-release-koha-3-18-8/",
"refsource" : "CONFIRM",
"url" : "https://koha-community.org/security-release-koha-3-18-8/"
},
{
"name" : "https://koha-community.org/security-release-koha-3-20-1/",
"refsource" : "CONFIRM",
"url" : "https://koha-community.org/security-release-koha-3-20-1/"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink