cvedb.io
CVE-2015-6011
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-09-28T02:59:07.637 · Last modified 2026-06-17T00:30:15.143

Summary

Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allows remote attackers to conduct XML injection attacks via (1) the id parameter to unapi.php or (2) the stylesheet parameter to sru.php.

Affected products

refbase — refbase

Does this affect you?

Add your gear to cvedb and we'll alert you only when refbase ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.