Vulnerability in N/a

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter bib_list in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary…

EPSS: 0.000 (6.9th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References