calibre-web DC-2021-3988

2024-11-19

Platform: calibre-web

Version: Not specified

Vulnerability: Cross-site Scripting (XSS)

Severity: Medium

Date: November 15, 2021 (Originally reported)

:

A vulnerability exists in calibre-web that allows attackers to inject malicious scripts when editing book properties. This could lead to various attacks, including stealing cookies.

What Undercode Says:

This vulnerability affects calibre-web, a web interface for the calibre ebook management software. An attacker could exploit this vulnerability to steal a user’s cookies, potentially gaining access to their calibre account and sensitive information.

It is recommended that users update to a patched version of calibre-web as soon as possible.

Additional Notes:

There is no information on specific versions affected by this vulnerability.
No CVSS score or exploit code is publicly available.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top