Browse all 4 CVE security advisories affecting intranda. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Intranda develops enterprise content management systems, primarily serving libraries and cultural institutions. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely reported, the four CVEs on record highlight persistent issues with authentication bypass and insecure direct object references. Their security posture appears typical for legacy enterprise software, with vulnerabilities concentrated in web interfaces and administrative functions, requiring regular patching and hardening to mitigate exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-29016 | Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames — goobi-viewer-coreCWE-79 | 6.1 | Medium | 2023-04-06 |
| CVE-2023-29015 | Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments — goobi-viewer-coreCWE-79 | 6.1 | Medium | 2023-04-06 |
| CVE-2023-29014 | Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter — goobi-viewer-coreCWE-79 | 6.1 | Medium | 2023-04-06 |
| CVE-2020-15124 | Path traversal in Goobi viewer Core — goobi-viewer-coreCWE-22 | 9.6 | Critical | 2020-07-22 |
This page lists every published CVE security advisory associated with intranda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.