2 matches found
CVE-2023-26987
CVE-2023-26987 affects Konga 0.14.9, where a crafted POST request enables remote attackers to manipulate user accounts regardless of privilege. The connected sources confirm the issue and describe the impact as unauthorized account manipulation via network-accessible input, with the root cause de...
CVE-2023-26987
An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request...