{"uuid": "57752eb0-85fb-493d-8396-0d636e5dced3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-25964", "type": "seen", "source": "https://t.me/cibsecurity/29875", "content": "\u203c CVE-2021-25964 \u203c\n\nIn \u00e2\u20ac\u0153Calibre-web\u00e2\u20ac\ufffd application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in \u00e2\u20ac\u0153Metadata\u00e2\u20ac\ufffd. An attacker that has access to edit the metadata information, can inject JavaScript payload in the description field. When a victim tries to open the file, XSS will be triggered.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-04T18:18:48.000000Z"}