vivo-project/Vitro

Releases161

Frequency1 month 6 days

Last Release 4 months ago

Stars115

Vitro is a "full stack" framework for building semantic web applications. It is not domain specific.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-6986 ↗	Jan 28, 2019Monday, 28 January 2019, 15:29	—	5 MEDIUM
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.