Vulnerabilities (CVE)

Filtered by vendor Kotti Project Subscribe
Filtered by product Kotti
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9856 1 Kotti Project 1 Kotti 2024-11-21 6.8 MEDIUM 8.8 HIGH
Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request.