CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

K2: Security Vulnerabilities

CVE-2018-9920

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL.

CVSS Score

6.5

EPSS Score

0.002

Published

2018-05-24

Page 1

Vulnerabilities

Vulnerable Software

K2: Security Vulnerabilities

Products

Pricing

Contact Us