Filtered by vendor Quokka Project Subscriptions
Filtered by product Quokka Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-18705 1 Quokka Project 1 Quokka 2024-11-21 9.8 Critical
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views.py'.
CVE-2020-18703 1 Quokka Project 1 Quokka 2024-11-21 9.8 Critical
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.
CVE-2020-18702 1 Quokka Project 1 Quokka 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component 'quokka/admin/actions.py'.