Vulnerabilities (CVE)

Filtered by vendor Gjots2 Project Subscribe
Filtered by product Gjots2
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17535 1 Gjots2 Project 1 Gjots2 2024-11-21 6.8 MEDIUM 8.8 HIGH
lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.