8 matches found
EUVD-2022-3061
Malicious code in bioql PyPI...
Kimai v2 is vulnerable to Cross-Site Scripting (XSS)
Kimai v2 before 1.1 has XSS via a timesheet description...
GHSA-7V44-75JF-22GJ Kimai v2 is vulnerable to Cross-Site Scripting (XSS)
Kimai v2 before 1.1 has XSS via a timesheet description...
CVE-2019-15481
Kimai v2 before 1.1 has XSS via a timesheet description...
CVE-2019-15481
Kimai v2 before 1.1 has XSS via a timesheet description...
Information disclosure
Kimai v2 before 1.1 has XSS via a timesheet description...
CVE-2019-15481
Kimai v2 before 1.1 has XSS via a timesheet description...
CVE-2019-15481
Affected product: Kimai v2 prior to 1.1. The vulnerability is an XSS flaw in the timesheet description field, where unescaped user input can be rendered in the UI. Root cause: lack of proper escaping/validation of the timesheet description leading to script injection. Impact: cross-site scripting...