{"vulnerability": "CVE-2023-29014", "sightings": [{"uuid": "a33dea7c-6626-42c1-a5fe-d6ab562ab131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29014", "type": "seen", "source": "https://t.me/cibsecurity/61612", "content": "\u203c CVE-2023-29014 \u203c\n\nThe Goobi viewer is a web application that allows digitised material to be displayed in a web browser. A reflected cross-site scripting vulnerability has been identified in Goobi viewer core prior to version 23.03 when evaluating the LOGID parameter. An attacker could trick a user into following a specially crafted link to a Goobi viewer installation, resulting in the execution of malicious script code in the user's browser. The vulnerability has been fixed in version 23.03.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T00:27:31.000000Z"}]}