Quokka is a content management framework written in Python. quokka version 0.4.0 is vulnerable to XML external entity injection. A remote attacker can exploit this vulnerability to execute arbitrary code via the quokka/utils/atom.py component.
CPE | Name | Operator | Version |
---|---|---|---|
quokka quokka | eq | 0.4.0 |