VYPR
Unrated severityNVD Advisory· Published May 1, 2023· Updated Jan 30, 2025

CVE-2023-26987

CVE-2023-26987

Description

An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request.

Affected products

2
  • Konga/Kongadescription
  • KongHQ/Kongallm-fuzzy
    Range: =0.14.9

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.