Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-06	CVE-2024-28740	Cross-site Scripting vulnerability in Koha Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component. network low complexity koha CWE-79 critical	9.6

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.