KOHA MARC search.pl cross site scripting
CVE-2023-5025

5.4MEDIUM

Key Information:

Vendor

Koha

Status
KOHA
Vendor
CVE Published:
17 September 2023

What is CVE-2023-5025?

A vulnerability was found in KOHA up to 23.05.03. It has been declared as problematic. This vulnerability affects unknown code of the file /cgi-bin/koha/catalogue/search.pl of the component MARC. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239866 is the identifier assigned to this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

KOHA 23.05.03

References

https://vuldb.com/?id.239866
vdb-entrytechnical-description
https://vuldb.com/?ctiid.239866
signaturepermissions-required
https://www.youtube.com/watch?v=b5107YkpgaM
media-coverage

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Angel Metz
ph03n1xsp (VulDB User)
JSON
.