pkg:PyPI/indico

所有已知漏洞

• HIGH7.5CVE-2021-30185Indico Tampering with links (e.g. password reset) in sent emails
  from 0, < 2.3.4
• HIGH7.5CVE-2021-30185Indico Tampering with links (e.g. password reset) in sent emails
  from 0, < 2.3.4
• MEDIUM6.5CVE-2026-28352Indico has a missing access check in the event series management API
  from 0, < 3.3.11
• MEDIUM6.1CVE-2024-45399Indico has a Cross-Site-Scripting during account creation
  from 0, < 0bdcf656d469e5f675cb56fd644d82fea3a97c2a | from 0, < 7dcb573837b9fd09d95f74d1baeae225b164cc8f | from 0, < 3.3.4
• MEDIUM6.1CVE-2024-45399Indico has a Cross-Site-Scripting during account creation
  from 0, < 3.3.4
• MEDIUM5.4CVE-2026-25739Indico Affected by Cross-Site-Scripting via material uploads
  from 0, < 3.3.10
• MEDIUM5.4CVE-2023-37901Indico vulnerable to Cross-Site-Scripting via confirmation prompts
  from 0, < 3.2.6
• MEDIUM5.4CVE-2023-37901Indico vulnerable to Cross-Site-Scripting via confirmation prompts
  from 0, < 2ee636d318653fb1ab193803dafbfe3e371d4130 | from 0, < 3.2.6
• MEDIUM4.6CVE-2025-59035Indico vulnerable to Cross-Site Scripting via LaTeX math code
  from 0, < 3.3.8
• MEDIUM4.3CVE-2025-59034Indico may disclose unauthorized user details access via legacy API
  from 0, < 3.3.8
• NONE0.0CVE-2024-50633Indico Insecure Access
  >= 3.2.9, < 3.3.3
• —CVE-2026-33046Indico discloses local files resulting in Remote Code Execution through LaTeX injection
  from 0, < 3.3.12
• —CVE-2026-25738Indico has Server-Side Request Forgery (SSRF) in multiple places
  from 0, < 3.3.10
• —CVE-2025-53640Indico vulnerability allows attackers to bulk dump user details
  >= 2.2, < 3.3.7