Koha SQL Injection Vulnerability

CRITICAL (10.0) No Patch (277 days)
cwe-89kohakoha-24-11-02perlsql-injection

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 11.38% chance of exploitation (percentile: 93%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: GitHub PoC

How we test →

What is it?

Koha is a free and open-source library management system used by many libraries worldwide. The vulnerability in C4/Serials.pm allows an attacker to inject malicious SQL code into the /serials/lateissues-export.pl script, potentially compromising sensitive data.

Am I affected?

You're affected if you use GetLateOrMissingIssues. Affected versions: 24.11.02 If you don't recognise this software, you're probably not affected.

Affected Products

Koha Community / Koha

How to fix

To fix this vulnerability, upgrade to Koha version 24.11.03 or later. If an immediate upgrade isn't possible:

  1. Restrict network access to your Koha instance (firewall it from the public internet).
  2. Audit admin account activity for suspicious access patterns.
  3. Monitor for unauthorized token creation.

References