Lucene search
+L

7 matches found

NVD
NVD
added 2024/05/14 4:17 p.m.19 views

CVE-2024-34243

Konga v0.14.9 is vulnerable to Cross Site Scripting XSS via the username parameter...

5.4CVSS5.7AI score0.00446EPSS
Exploits1References1
CVE
CVE
added 2024/05/14 3:19 p.m.90 views

CVE-2024-34243

CVE-2024-34243 affects Konga v0.14.9 with Cross-Site Scripting (XSS) via the username parameter. The linked sources indicate the underlying issue is inadequate input validation on the username field, enabling injected scripts. The CVE is recorded with a CVSS v3.1 base score of 5.4 (Medium) and sh...

5.4CVSS5.9AI score0.00446EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/16 12:0 a.m.13 views

CVE-2023-39846

An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token...

7.2AI score0.00897EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/08/16 12:0 a.m.22 views

CVE-2023-39846

An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token...

9.6AI score0.00897EPSS
Exploits1References1
OSV
OSV
added 2022/05/04 11:15 a.m.16 views

CVE-2021-42192

Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation...

8.8CVSS6.8AI score
Exploits0References5
Prion
Prion
added 2022/05/04 11:15 a.m.16 views

Privilege escalation

Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation...

9CVSS8.6AI score0.09919EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2022/05/04 12:0 a.m.25 views

CVE-2021-42192

Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation...

8.9AI score0.09919EPSS
Exploits2References5
Rows per page
Query Builder