Page 4 of 29 results (0.006 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en Pypi calibreweb versiones anteriores a 0.6.16 • https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92 https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en Pypi calibreweb versiones anteriores a 0.6.16 • https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1 https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) calibre-web es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/janeczku/calibre-web/commit/785726deee13b4d56f6c3503dd57c1e3eb7d6f30 https://huntr.dev/bounties/2debace1-a0f3-45c1-95fa-9d0512680758 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

calibre-web is vulnerable to Business Logic Errors calibre-web es vulnerable a Errores de Lógica Empresarial • https://github.com/janeczku/calibre-web/commit/3e0d8763c377d2146462811e3e4ccf13f0d312ce https://huntr.dev/bounties/1117f439-133c-4563-afb2-6cd80607bd5c • CWE-840: Business Logic Errors •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1

calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') calibre-web es vulnerable a una Neutralización Inapropiada de Entradas Durante la Generación de Páginas Web ("Cross-site Scripting") • https://github.com/janeczku/calibre-web/commit/7ad419dc8c12180e842a82118f4866ac3d074bc5 https://huntr.dev/bounties/ff395101-e392-401d-ab4f-579c63fbf6a0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •