Description
Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.
Exploits (2)
exploitdb
WRITEUP
VERIFIED
by Patrick Hof · textwebappsphp
https://www.exploit-db.com/exploits/25119
exploitdb
WRITEUP
VERIFIED
by Patrick Hof · textwebappsphp
https://www.exploit-db.com/exploits/25118
References (3)
Core 3
Core References
Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12583
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110868948719773&w=2
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=110864983905770&w=2
Scores
EPSS
0.0313
EPSS Percentile
86.9%
Details
CWE
CWE-79
Status
published
Products (1)
guillaumegardey/biborb
1.3.2 (2 CPE variants)
Published
May 02, 2005
Tracked Since
Feb 18, 2026