Vulnerabilities > Scilico > I Librarian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-40500 | Cross-site Scripting vulnerability in Scilico I-Librarian Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component. | 8.6 |
| 2023-05-31 | CVE-2023-3021 | Unspecified vulnerability in Scilico I, Librarian Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4. | 5.4 |