Filtered by vendor Sokrates Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6050 1 Sokrates 1 Sowa Opac 2024-11-21 6.1 Medium
Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12.
CVE-2020-28350 1 Sokrates 1 Sowasql 2024-11-21 6.1 Medium
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL through 5.6.1 via the sowacgi.php typ parameter.