HIGH8.8CVE-2023-30628Kiwi TCMS is an open source test management system. from 0, < e39f7e156fdaf6fec09a15ea6f4e8fec8cdbf751 | from 0, < 834c86dfd1b2492ccad7ebbfd6304bfec895fed2 | from 0, < 12.3
HIGH8.1CVE-2023-36809Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox from 0, < 12.5
HIGH8.1CVE-2023-33977kiwitcms vulnerable to stored cross-site scripting via unrestricted file upload from 0, < 12.4
HIGH7.7Unrestricted file upload in kiwi TCMS
from 0, < 12.2
HIGH7.6Kiwi TCMS Stored Cross-site Scripting via SVG file
from 0, < 12.1
HIGH7.5No protection against brute-force attacks on login page
from 0, < 12.0
HIGH7.5Denial of service vulnerability on Password reset page
from 0, < 12.0
MEDIUM5.4kiwitcms vulnerable to stored XSS via unrestricted files upload
from 0, < 12.3
MEDIUM5.4Cross-site Scripting in kiwitcms
from 0, < 11.6
NONE0.0kiwi TCMS has possibility for user to update email address to unverified one
from 0, < 12.2