Filtered by vendor Pantsel Subscriptions
Filtered by product Konga Subscriptions

Search

Switch to Advanced Search (Beta)
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-34243 1 Pantsel 1 Konga 2025-06-13 5.4 Medium
Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter.
CVE-2023-39846 1 Pantsel 1 Konga 2024-11-21 9.8 Critical
An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.