Skip to main content

Kimai 2

5 CVEs product

Monthly

CVE-2021-4033 PHP MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-3963 PHP MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-3957 PHP MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-3976 PHP MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2019-15481 PHP MEDIUM PATCH This Month

Kimai v2 before 1.1 has XSS via a timesheet description. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Kimai 2
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

kimai2 is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Kimai 2
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Kimai v2 before 1.1 has XSS via a timesheet description. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Kimai 2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy