{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T13:52:43.676","vulnerabilities":[{"cve":{"id":"CVE-2025-52360","sourceIdentifier":"cve@mitre.org","published":"2025-07-25T15:15:29.893","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Scripting (XSS) vulnerability exists in the OPAC search feature of Koha Library Management System v24.05. Unsanitized input entered in the search field is reflected in the search history interface, leading to the execution of arbitrary JavaScript in the browser context when the user interacts with the interface."},{"lang":"es","value":"Existe una vulnerabilidad de Cross-Site Scripting (XSS) en la función de búsqueda OPAC de Koha Library Management System v24.05. La información no depurada introducida en el campo de búsqueda se refleja en la interfaz del historial de búsqueda, lo que provoca la ejecución de JavaScript arbitrario en el contexto del navegador cuando el usuario interactúa con la interfaz."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://gist.github.com/MerttTuran/32289a1d3c173f0b7934237c1696bef1","source":"cve@mitre.org"}]}}]}