Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

Kiwi TCMS

the leading open source test management system
Collective - Host: europe - https://opencollective.com/kiwitcms - Website: https://kiwitcms.org - Code: https://github.com/kiwitcms

High

Kiwi: GSA_kwCzR0hTQS1qcGd3LTJyOW0tOHFmd84AA0OU

Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: over 1 year ago

High

Kiwi: GSA_kwCzR0hTQS0yZnFtLW00cjItZmg5OM4AAzr5

kiwitcms vulnerable to stored cross-site scripting via unrestricted file upload
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: over 1 year ago

Moderate

Kiwi: GSA_kwCzR0hTQS14N2MyLTd3dmctanB4N84AAza-

kiwitcms vulnerable to stored XSS via unrestricted files upload
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: over 1 year ago

High

Kiwi: GSA_kwCzR0hTQS1md2NmLTc1M3YtZmdjas4AAy8_

Unrestricted file upload in kiwi TCMS
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: over 1 year ago

Low

Kiwi: GSA_kwCzR0hTQS03eDZxLTN2M20tY3dqZ84AAy8N

kiwi TCMS has possibility for user to update email address to unverified one
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: over 1 year ago

High

Kiwi: GSA_kwCzR0hTQS0yd2NyLTg3d2YtY2Y5as4AAyds

Kiwi TCMS Stored Cross-site Scripting via SVG file
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: over 1 year ago

High

Kiwi: GSA_kwCzR0hTQS03OTY4LWg0bTQtZ2htOc4AAxpr

No protection against brute-force attacks on login page
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: almost 2 years ago

High

Kiwi: GSA_kwCzR0hTQS03ajloLTNqeGYtM3ZyZs4AAxpq

Denial of service vulnerability on Password reset page
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: almost 2 years ago