Konga - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	2

Date	Id	Summary	Products	Score	Patch	Annotated
2024-05-14	CVE-2024-34243	Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter.	Konga	N/A
2023-08-16	CVE-2023-39846	An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.	Konga	9.8