CVE-2023-29014
- EPSS 0.89%
- Veröffentlicht 06.04.2023 20:15:08
- Zuletzt bearbeitet 21.11.2024 07:56:23
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter....
CVE-2023-29015
- EPSS 0.89%
- Veröffentlicht 06.04.2023 20:15:08
- Zuletzt bearbeitet 21.11.2024 07:56:23
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in the user comment feature of Goobi viewer core prior to version 23.03. An attacker could...
CVE-2023-29016
- EPSS 0.89%
- Veröffentlicht 06.04.2023 20:15:08
- Zuletzt bearbeitet 21.11.2024 07:56:24
The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when using nicknames. An attacker could create...
CVE-2020-15124
- EPSS 0.19%
- Veröffentlicht 22.07.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:04:52
In Goobi Viewer Core before version 4.8.3, a path traversal vulnerability allows for remote attackers to access files on the server via the application. This is limited to files accessible to the application server user, eg. tomcat, but can potential...