← Back

Quokka

quokka

Vendor: Quokka Project • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-18705
1Quokka Project
1Quokka
Nov 21, 2024
Aug 16, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.
CVE-2020-18703
1Quokka Project
1Quokka
Nov 21, 2024
Aug 16, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.
CVE-2020-18702
1Quokka Project
1Quokka
Nov 21, 2024
Aug 16, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component 'quokka/admin/actions.py'.