Known Vulnerabilities for products from Pretalx
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Pretalx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41426 json | pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails... | Not Provided | 2026-04-24 | 2026-04-28 |
| CVE-2026-41241 json | pretalx is a conference planning tool. Prior to 2026.1.0, The organiser search in the pretalx backend rendered submission tit... | Not Provided | 2026-04-23 | 2026-04-28 |
| CVE-2023-28459 json | pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HT... | 6.5 - MEDIUM | 2023-04-20 | 2023-05-04 |
| CVE-2023-28458 json | pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriti... | 4.3 - MEDIUM | 2023-04-20 | 2023-05-04 |