← Back

Kotti

kotti

Vendor: Kotti Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-9856
1Kotti Project
1Kotti
Jun 17, 2026
Apr 9, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request.