Candidate: CVE-2015-1032
PublicDate: 2015-01-21 15:28:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1032
Description:
 Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using
 kiwix-serve, allows remote attackers to inject arbitrary web script or HTML
 via the pattern parameter to /search.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:


Patches_kiwix:
upstream_kiwix: released (2.0.4-1)
trusty_kiwix: ignored (out of standard support)
xenial_kiwix: ignored (out of standard support)
hirsute_kiwix: not-affected (2.0.5-3)
impish_kiwix: not-affected
jammy_kiwix: not-affected
devel_kiwix: not-affected