VYPR

enterprise

by Kiwitcms

CVEs (1)

  • CVE-2023-30628 | High | Apr 24, 2023
    risk 0.00 | cvss 8.8 | epss 0.04

    Kiwi TCMS is an open source test management system. In kiwitcms/Kiwi v12.2 and prior and kiwitcms/enterprise v12.2 and prior, the `changelog.yml` workflow is vulnerable to command injection attacks because of using an untrusted `github.head_ref` field. The `github.head_ref`…