3 matches found
EUVD-2024-1536
Malicious code in bioql PyPI...
PT-2024-25763 · Konga · Konga
Name of the Vulnerable Software and Affected Versions: Konga version 0.14.9 Description: The issue allows for Cross Site Scripting XSS via the username parameter. Recommendations: For Konga version 0.14.9, avoid using the username parameter until the issue is resolved...
PT-2023-20890 · Konga · Konga
Name of the Vulnerable Software and Affected Versions: Konga version 0.14.9 Description: An issue in Konga allows remote attackers to manipulate user accounts, regardless of privilege, via a crafted POST request. Recommendations: For Konga version 0.14.9, at the moment, there is no information...