{"id":"PYSEC-2022-18","details":"Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16.","aliases":["CVE-2022-0352","GHSA-h56g-v4vp-q9q6"],"modified":"2023-11-08T04:07:32.735977Z","published":"2022-01-28T22:15:00Z","references":[{"type":"FIX","url":"https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1"},{"type":"WEB","url":"https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-h56g-v4vp-q9q6"}],"affected":[{"package":{"name":"calibreweb","ecosystem":"PyPI","purl":"pkg:pypi/calibreweb"},"ranges":[{"type":"GIT","repo":"https://github.com/janeczku/calibre-web","events":[{"introduced":"0"},{"fixed":"6bf07539788004513c3692c074ebc7ba4ce005e1"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.16"}]}],"versions":["0.6.12","0.6.13","0.6.14","0.6.15"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/calibreweb/PYSEC-2022-18.yaml"}}],"schema_version":"1.7.3"}