Every CVE whose affected-product data names Gonicus Gosa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-11187 — CVSS 9.8 (critical): Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username…
CVE-2018-1000528 — CVSS 6.1 (medium): GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting (XSS) vulnerability in change…