Jump to:

CVE-2018-8831

Jump to:

CVE-2018-8831

Package kodi updated to version 18.0-alt1 for branch sisyphus in task 220363.

Published: 2018-04-18
Modified: 2024-11-21

CVE-2018-8831

A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References:

20180417 Kodi <= 17.6 - Persistent Cross-Site Scripting
20180417 Kodi <= 17.6 - Persistent Cross-Site Scripting
https://trac.kodi.tv/ticket/17814
https://trac.kodi.tv/ticket/17814
44487
44487

Version: 2.1.0

Package kodi update in sisyphus on 2019-02-01

ALT-PU-2019-1166-1

Closed vulnerabilities

CVE-2018-8831