Filtered by vendor Janeczku
Subscriptions
Filtered by product Calibre-web
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39123 | 1 Janeczku | 1 Calibre-web | 2024-08-02 | 5.4 Medium |
| In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments function is vulnerable to Cross Site Scripting (XSS) due to improper sanitization performed by the clean_string function. The vulnerability arises from the way the clean_string function handles HTML sanitization. | ||||
Page 1 of 1.