Vulnerabilities > Calibre Ebook > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7008 | Cross-site Scripting vulnerability in Calibre-Ebook Calibre Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting. | 6.1 |
| 2017-03-16 | CVE-2016-10187 | Permissions, Privileges, and Access Controls vulnerability in Calibre-Ebook Calibre The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. | 5.5 |