Shaarli Project: >> Shaarli >> 0.12.2 Security Vulnerabilities
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with `"` prematurely ends the `<input>` tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-01-26
Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-12-28