Xapian : Security Vulnerabilities, CVEs, CVSS score >= 3
A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().
Max CVSS
6.1
EPSS Score
0.13%
Published
2018-07-02
Updated
2018-08-28
Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages.
Max CVSS
4.3
EPSS Score
0.17%
Published
2009-09-14
Updated
2018-08-13
2 vulnerabilities found