Vulnerabilities > CVE-2021-4170 - Unspecified vulnerability in Janeczku Calibre-Web
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vulnerable Configurations
References
- https://github.com/janeczku/calibre-web/commit/7ad419dc8c12180e842a82118f4866ac3d074bc5
- https://github.com/janeczku/calibre-web/commit/7ad419dc8c12180e842a82118f4866ac3d074bc5
- https://huntr.dev/bounties/ff395101-e392-401d-ab4f-579c63fbf6a0
- https://huntr.dev/bounties/ff395101-e392-401d-ab4f-579c63fbf6a0