2 matches found
CVE-2024-22824
CVE-2024-22824 affects Timo v2.0.3. The issue enables remote code execution via the filetype restrictions in UploadController.java, with CVSS 3.1 base score 9.8 (CRITICAL, NETWORK, HIGH impact on confidentiality, integrity, and availability). Red Hat and PRION/NVD/CNNVD entries corroborate the co...
CVE-2026-30162
CVE-2026-30162 affects Timo 2.0.3 with a Cross Site Scripting (XSS) flaw in the title field. The root cause is crafted links in the title that can be manipulated to execute scripts when a user interacts with the field. Affects the vulnerable component: the title input in Timo 2.0.3; impact includ...