Skip to main content

Kimai2

3 CVEs product

Monthly

CVE-2021-3983 PHP MEDIUM POC PATCH This Month

kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Kimai2
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-3992 PHP MEDIUM POC PATCH This Month

kimai2 is vulnerable to Improper Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Kimai2
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-3985 PHP CRITICAL POC PATCH Act Now

kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Kimai2
NVD GitHub
CVSS 3.1
9.0
EPSS
1.2%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Kimai2
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

kimai2 is vulnerable to Improper Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Kimai2
NVD GitHub
EPSS 1% CVSS 9.0
CRITICAL POC PATCH Act Now

kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Kimai2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy