Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information Disclosure in janeczku/calibre-web
Vulnerability Description
A vulnerability in janeczku/calibre-web allows unauthorized users to view the names of private shelves belonging to other users. This issue occurs in the file shelf.py at line 221, where the name of the shelf is exposed in an error message when a user attempts to remove a book from a shelf they do not own. This vulnerability discloses private information and affects all versions prior to the fix.
CVSS Information
N/A
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
Calibre-Web 安全漏洞
Vulnerability Description
Calibre-Web是Jan B个人开发者的一款用于浏览、阅读和下载Calibre数据库中电子书的Web应用程序。 Calibre-Web存在安全漏洞,该漏洞源于允许未经授权的用户查看属于其他用户的私人书架的名称。
CVSS Information
N/A
Vulnerability Type
N/A