Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2023-26987
Disclosure Date: May 01, 2023 (last updated October 08, 2023)
An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request.
0
Attacker Value
Unknown
CVE-2021-42192
Disclosure Date: May 04, 2022 (last updated October 07, 2023)
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.
0
