CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:NOmeka S
APPOmeka< 4.0.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2023-4159HIGH8.8ten sam produkt
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4560MEDIUM6.5ten sam produkt
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4...
CVE-2023-4561MEDIUM4.8ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.
CVE-2023-4158MEDIUM5.4ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-3980MEDIUM4.8ten sam vendor
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.