Shaarli Project Shaarli — known CVE vulnerabilities
Every CVE whose affected-product data names Shaarli Project Shaarli, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2013-7351 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML…
CVE-2017-15215 — CVSS 6.1 (medium): Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated attacker to inject JavaScript via the searchtags parameter to…
CVE-2018-5249 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and 0.9.x before 0.9.3 allows remote attackers to inject arbitrary code…
CVE-2023-49469 — CVSS 6.1 (medium): Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag…
CVE-2026-24476 — CVSS 5.4 (medium): Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with `"` prematurely ends the…