pkg:PyPI/kiwitcms

10 total CVEsHIGH7MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2023-30628Kiwi TCMS is an open source test management system.
    from 0, < e39f7e156fdaf6fec09a15ea6f4e8fec8cdbf751 | from 0, < 834c86dfd1b2492ccad7ebbfd6304bfec895fed2 | from 0, < 12.3
  • HIGH8.1CVE-2023-36809Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox
    from 0, < 12.5
  • HIGH8.1CVE-2023-33977kiwitcms vulnerable to stored cross-site scripting via unrestricted file upload
    from 0, < 12.4
  • HIGH7.7CVE-2023-30613Unrestricted file upload in kiwi TCMS
    from 0, < 12.2
  • HIGH7.6CVE-2023-27489Kiwi TCMS Stored Cross-site Scripting via SVG file
    from 0, < 12.1
  • HIGH7.5CVE-2023-25156No protection against brute-force attacks on login page
    from 0, < 12.0
  • HIGH7.5CVE-2023-25171Denial of service vulnerability on Password reset page
    from 0, < 12.0
  • MEDIUM5.4CVE-2023-32686kiwitcms vulnerable to stored XSS via unrestricted files upload
    from 0, < 12.3
  • MEDIUM5.4CVE-2022-4105Cross-site Scripting in kiwitcms
    from 0, < 11.6
  • NONE0.0CVE-2023-30544kiwi TCMS has possibility for user to update email address to unverified one
    from 0, < 12.2