CVE-2015-1032

Publication date 21 January 2015

Last updated 24 July 2024

Ubuntu priority

Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
kiwix	22.04 LTS jammy	Not affected
	21.10 impish	Not affected
	21.04 hirsute	Not affected
	16.04 LTS xenial	Ignored end of standard support
	14.04 LTS trusty	Ignored end of standard support

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2015-1032