Libkiwix · CVE-2022-27920
**Name of the Vulnerable Software and Affected Versions**
libkiwix versions 10.0.0 through 10.0.1
**Description**
The issue allows cross-site scripting (XSS) in the built-in webserver functionality via the search suggestions URL parameter. This is a result of a problem in the webserver functionality of the software. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.
**Recommendations**
For libkiwix versions 10.0.0 through 10.0.1, update to version 10.1.0 to resolve the issue. As a temporary workaround, consider restricting access to the built-in webserver functionality until the update is applied. Avoid using the vulnerable search suggestions URL parameter in the affected webserver functionality until the issue is resolved.