Quokka Project

quokka_project

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-18705 1Quokka Project 1Quokka Nov 21, 2024 Aug 16, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.
CVE-2020-18703 1Quokka Project 1Quokka Nov 21, 2024 Aug 16, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.
CVE-2020-18702 1Quokka Project 1Quokka Nov 21, 2024 Aug 16, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component 'quokka/admin/actions.py'.