Every CVE whose affected-product data names Kiwitcms Kiwi Tcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2023-30628 — CVSS 8.8 (high): Kiwi TCMS is an open source test management system. In kiwitcms/Kiwi v12.2 and prior and kiwitcms/enterprise v12.2 and prior, the…
CVE-2023-33977 — CVSS 8.1 (high): Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to…
CVE-2023-36809 — CVSS 8.1 (high): Kiwi TCMS, an open source test management system allows users to upload attachments to test plans, test cases, etc. Versions of Kiwi TCMS…
CVE-2023-30613 — CVSS 8.1 (high): Kiwi TCMS, an open source test management system, allows users to upload attachments to test plans, test cases, etc. In versions of Kiwi…
CVE-2023-32686 — CVSS 8.1 (high): Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to…
CVE-2023-27489 — CVSS 7.6 (high): Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS accepts SVG files uploaded by users…
CVE-2023-25156 — CVSS 7.5 (high): Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt…
CVE-2023-25171 — CVSS 7.5 (high): Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt…
CVE-2023-22451 — CVSS 6.5 (medium): Kiwi TCMS is an open source test management system. In version 11.6 and prior, when users register new accounts and/or change passwords…
CVE-2022-4105 — CVSS 5.4 (medium): A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing…
CVE-2023-30544 — CVSS 3.9 (low): Kiwi TCMS is an open source test management system. In versions of Kiwi TCMS prior to 12.2, users were able to update their email addresses…