CVE-2019-25317 in Kimai v2informação

Sumário

de MITRE • 11/02/2026

Kimai 2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts into timesheet descriptions. Attackers can insert SVG-based XSS payloads in the description field to execute arbitrary JavaScript when the page is loaded and viewed by other users.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

22/08/2019

Divulgação

11/02/2026

Moderação

aceite

Entrada

VDB-140721

CPE

pronto

CWE

CWE-79 (confirmado)

CVSS

6.1 (NVD)

EPSS

0.00223

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-25317
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-25317
CVE Details	https://www.cvedetails.com/cve/CVE-2019-25317/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!