Every CVE whose affected-product data names Quokka Project Quokka, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-18703 — CVSS 9.8 (critical): XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/utils/atom.py'.
CVE-2020-18705 — CVSS 9.8 (critical): XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the component 'quokka/core/content/views…
CVE-2020-18702 — CVSS 6.1 (medium): Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary code via the 'Username' parameter in the component…