3 matches found
CVE-2017-1000063
The CVE-2017-1000063 entry affects kitto framework (kitto version 0.5.1) and is caused by a cross-site scripting (XSS) flaw on the 404 page. The vulnerability enables remote attackers to inject malicious script/HTML, which can be used to steal sensitive information or hijack user sessions when vi...
CVE-2017-1000062
The CVE-2017-1000062 entry concerns kittoframework kitto 0.5.1, which is vulnerable to a directory traversal flaw in the router that can lead to remote code execution. Public references describe kitto as an Elixir-based interactive dashboard framework; the vulnerability originates from improper v...
CVE-2017-1000064
CVE-2017-1000064 affects kittoframework kitto version 0.5.1. The vulnerability is described as memory exhaustion in the router, leading to a denial of service. Connected sources consistently attribute the issue to kitto’s processing memory and do not provide a concrete patch or remediation detail...