Security Advisories · kimai/kimai · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

XXE Leading to Local File Read
GHSA-534c-hcr7-67jg published Sep 17, 2024 by kevinpapst

Moderate
API returns timesheet entries a user should not be authorized to view
GHSA-cj3c-5xpm-cx94 published Mar 27, 2024 by kevinpapst

Moderate
Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File
GHSA-fjhg-96cp-6fcw published Oct 27, 2023 by kevinpapst

High