PT-2019-12307 · I · I
Duypv1997
·
Published
2019-04-21
·
Updated
2025-12-10
·
CVE-2019-11428
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
I, Librarian version 4.10
Description
The issue is related to a security problem where an attacker can execute malicious scripts. This is achieved through the
export files parameter in the "export.php" API endpoint.Recommendations
For I, Librarian version 4.10, avoid using the
export files parameter in the "export.php" endpoint until a fix is available. As a temporary workaround, consider restricting access to the export functionality to minimize the risk of exploitation.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
I