kevinpapst/kimai2 Security Advisories for 1.8 (8)
-
[HIGH] Improper Neutralization of Formula Elements in a CSV File in Kimai 2
PKSA-gzsr-mmz3-kpkd CVE-2021-43515 GHSA-64fq-9c6w-rq44
Affected version: <1.14.1
Reported by:
GitHub -
[MEDIUM] Cross-Site Request Forgery in kimai2
PKSA-vj5s-8fpd-jpsm CVE-2021-4033 GHSA-4jwx-78vx-gm6g
Affected version: <1.16.7
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in kimai2
PKSA-cnzw-pf63-4syr CVE-2021-3983 GHSA-67c7-5v9j-227r
Affected version: <1.16.3
Reported by:
GitHub -
[MEDIUM] kimai2 is vulnerable to Improper Access Control
PKSA-53t9-bz65-mf65 CVE-2021-3992 GHSA-9w8f-7wgr-2h7g
Affected version: <1.16.3
Reported by:
GitHub -
[HIGH] kimai2 is vulnerable to Cross-site Scripting
PKSA-4cz2-2z7n-5mtp CVE-2021-3985 GHSA-x68c-4gmm-5g43
Affected version: <1.16.3
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in kimai2
PKSA-c1yh-sytc-9mxc CVE-2021-3976 GHSA-427q-jp8v-ww95
Affected version: <1.16.2
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in kimai2
PKSA-2wgf-34qg-8277 CVE-2021-3963 GHSA-gf2c-93hm-r9j5
Affected version: <1.16
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in kimai2
PKSA-vjds-q3tc-kf96 CVE-2021-3957 GHSA-2xwq-h7r9-6w27
Affected version: <1.16
Reported by:
GitHub