[NPM:GHSA-93PF-MRC8-4G3H] Konga is vulnerable to Cross Site Scripting (XSS) attacks

Severity Moderate
Affected Packages 1
CVEs 1

Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter.

Package Affected Version
pkg:npm/kongadmin <= 0.14.9
ID
NPM:GHSA-93PF-MRC8-4G3H
Severity
moderate
URL
https://github.com/advisories/GHSA-93pf-mrc8-4g3h
Published
2024-05-14T18:31:01
(8 days ago)
Modified
2024-05-14T21:47:55
(8 days ago)
Rights
NPM Security Team
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:npm/kongadmin kongadmin <= 0.14.9
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...