CVE-2015-4631

MEDIUM

Koha 3.14.00-3.14.15 - Cross-Site Scripting via Multiple Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-4631. PoCs published by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos.

AI-analyzed exploit summary This is a detailed writeup describing multiple XSS and XSRF vulnerabilities in Koha Open Source ILS. It includes affected versions, exploitation vectors, and proof-of-concept attack scenarios but does not contain executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to inject arbitrary web script or HTML via the (1) tag parameter to opac-search.pl; the (2) value parameter to authorities/authorities-home.pl; the (3) delay parameter to acqui/lateorders.pl; the (4) authtypecode or (5) tagfield to admin/auth_subfields_structure.pl; the (6) tagfield parameter to admin/marc_subfields_structure.pl; the (7) limit parameter to catalogue/search.pl; the (8) bookseller_filter, (9) callnumber_filter, (10) EAN_filter, (11) ISSN_filter, (12) publisher_filter, or (13) title_filter parameter to serials/serials-search.pl; or the (14) author, (15) collectiontitle, (16) copyrightdate, (17) isbn, (18) manageddate_from, (19) manageddate_to, (20) publishercode, (21) suggesteddate_from, or (22) suggesteddate_to parameter to suggestion/suggestion.pl; or the (23) direction, (24) display or (25) addshelf parameter to opac-shelves.pl.

Exploits (1)

exploitdb WRITEUP
by Raschin Tavakoli_ Bernhard Garn_ Peter Aufner & Dimitris Simos · textwebappsphp
https://www.exploit-db.com/exploits/37389

This is a detailed writeup describing multiple XSS and XSRF vulnerabilities in Koha Open Source ILS. It includes affected versions, exploitation vectors, and proof-of-concept attack scenarios but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: Koha Open Source ILS (versions 3.20.x <= 3.20.1, 3.18.x <= 3.18.8, 3.16.x <= 3.16.12)
Auth required
Prerequisites: User interaction (clicking a malicious link) · User must be logged in to the OPAC interface · User must have permissions to create public lists
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Exploit, Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14418
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/37389/
Product, Release Notes, Vendor Advisory x_refsource_confirm
https://koha-community.org/security-release-koha-3-16-12/
Exploit, Issue Tracking x_refsource_confirm
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14423
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
https://seclists.org/fulldisclosure/2015/Jun/80
Product, Release Notes, Vendor Advisory x_refsource_confirm
https://koha-community.org/security-release-koha-3-18-8/
Product, Release Notes, Vendor Advisory x_refsource_confirm
https://koha-community.org/security-release-koha-3-20-1/
Exploit, Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416
Product, Release Notes, Vendor Advisory x_refsource_confirm
https://koha-community.org/koha-3-14-16-released/

Scores

CVSS v3 5.4
EPSS 0.0371
EPSS Percentile 88.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
koha/koha 3.14.00 - 3.14.16
Published Oct 18, 2018
Tracked Since Feb 18, 2026