Primary

Context

Wolters Kluwer LEX Baza Dokumentów DOM-Based Cross-Site Scripting Vulnerability

Vulnerability

A DOM-based cross-site scripting vulnerability has been identified in Wolters Kluwer LEX Baza Dokumentów, specifically within the 'em' cookie parameter. The application processes this parameter unsafely on the client side, allowing attackers to execute arbitrary JavaScript in the context of the victim's browser. While the ability to set a cookie could enable more severe attacks, the overall risk of exploitation is considered minimal. Nevertheless, the vendor acknowledged this issue and released a security patch, with the vulnerability fixed in version 1.3.4.

Impact

Exploitation of this vulnerability allows for DOM-based cross-site scripting, where an attacker can execute arbitrary JavaScript in the context of the victim's browser.

Remediation

Users are advised to update to version 1.3.4 or later, where this vulnerability has been addressed.

Added: Apr 30, 2026, 12:26 PM

Updated: Apr 30, 2026, 12:26 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.4

remediation

0.0

relevance

7.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.4

remediation

0.0

relevance

7.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wolters Kluwer LEX Baza Dokumentów DOM-Based Cross-Site Scripting Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating