A stored cross-site scripting (XSS) vulnerability exists in Yordam Information Technologies Library Automation System versions prior to 19.2. The flaw stems from improper neutralization of input during web page generation (CWE-79), allowing authenticated attackers with low privileges to inject malicious scripts that execute in victims' browsers. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) in [truncated]
MEDIUMYordam Information TechnologiesCVE published 2023-03-02
CVE-2021-45477 is a medium-severity vulnerability (CVSS 3.1: 6.5) in Yordam Library Automation System versions prior to 19.2. The issue involves improper handling of parameters that could allow an attacker with low privileges to collect data as provided by users. The vulnerability was published in the CVE database on March 2, 2023, though it references a 2021 CVE identifier. The National Vulnerability Dat [truncated]
