I, Librarian version 4.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user.
Metrics
Affected Vendors & Products
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2018-1857 | I, Librarian version 4.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 05 Dec 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Scilico
Scilico i\, Librarian |
|
| CPEs | cpe:2.3:a:scilico:i\,_librarian:*:*:*:*:*:*:*:* | |
| Vendors & Products |
I-librarian
I-librarian i Librarian |
Scilico
Scilico i\, Librarian |
| Metrics |
cvssV3_0
|
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T19:25:09.732Z
Reserved: 2018-03-23T00:00:00Z
Link: CVE-2018-1000139
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-03-23T21:29:00.583
Modified: 2025-12-05T20:14:48.557
Link: CVE-2018-1000139
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses