Filtered by vendor Kevinpapst
Subscriptions
Filtered by product Kimai
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25317 | 1 Kevinpapst | 1 Kimai | 2026-02-11 | 6.4 Medium |
| Kimai 2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into timesheet descriptions. Attackers can insert SVG-based XSS payloads in the description field to execute arbitrary JavaScript when the page is loaded and viewed by other users. | ||||
Page 1 of 1.