CVE-2023-29014

CVE-2023-29014

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following a specially crafted link to a Goobi viewer installation, resulting in the execution of malicious script code in the user’s browser. The vulnerability has been fixed in version 23.03.

Source: CVE-2023-29014

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다