← All advisories

Moderate severityNVD Advisory· Published May 14, 2024· Updated Mar 28, 2025

CVE-2024-34243

CVE-2024-34243

Description

Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
kongadminnpm	<= 0.14.9	—

Affected products

2

Konga/Kongadescription
ghsa-coords
pkg:npm/kongadmin
Range: <= 0.14.9

Patches

Vulnerability mechanics

References

3

github.com/advisories/GHSA-93pf-mrc8-4g3hghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2024-34243ghsaADVISORY
github.com/JByteL/CVE/tree/main/CVE-2024-34243ghsaWEB

News mentions

0

No linked articles in our index yet.