Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-34243 | 1 Pantsel | 1 Konga | 2025-06-13 | N/A | 5.4 MEDIUM |
| Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter. | |||||
| CVE-2023-39846 | 1 Pantsel | 1 Konga | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token. | |||||