Search CVE reports


Toggle filters

1 – 2 of 2 results


CVE-2022-27920

Medium priority
Needs evaluation

libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.

1 affected package

libkiwix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libkiwix Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2015-1032

Medium priority
Not affected

Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.

1 affected package

kiwix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kiwix Not affected Ignored
Show less packages