ALT Linux Team

Package kiwix-lib update in sisyphus on 2022-03-25

ALT-PU-2022-1575-1

Package kiwix-lib updated to version 10.1.0-alt1 for branch sisyphus in task 297201.

Closed vulnerabilities

Published: 2022-03-25
Modified: 2024-11-21

CVE-2022-27920

libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.

Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top