CVE-2017-15215

Priority
Description
Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated
attacker to inject JavaScript via the searchtags parameter to index.php. If
the victim is an administrator, an attacker can (for example) take over the
admin session or change global settings or add/delete links. It is also
possible to execute JavaScript against unauthenticated users.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
More Information

Updated: 2018-10-22 16:23:58 UTC (commit b54e6a5171d67a3fa243eb9da698cc11f4eceed1)