Lucene search
Konga ProjectKonga
3 matches found
CVE-2021-42192
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.
9CVSS8.6AI score0.33014EPSS
CVE-2023-2418
A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This affects an unknown part of the component Login API. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be difficult. The explo...
5.9CVSS4.8AI score0.00102EPSS
CVE-2023-26987
An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request.
6.5CVSS6.5AI score0.00072EPSS