RSS   Vulnerabilities for 'Quokka'   RSS

2021-08-16
 
CVE-2020-18702

CWE-79
 

 
Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component 'quokka/admin/actions.py'.

 
 
CVE-2020-18703

CWE-611
 

 
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.

 
 
CVE-2020-18705

CWE-611
 

 
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.

 


Copyright 2024, cxsecurity.com

 

Back to Top