CVE Reporting

Have you found any interesting threats during your research at KTH? If so, you can report it using the following Form so that we can collect it on the department’s webpage along with other interesting findings. To do that, you need to have done a responsible disclosure and have a CVE ID. If you haven’t done that yet, you can perform this process following the guide on Responsible Disclosure.

For reporting the CVE, you need to provide a short description of the vulnerabiliy as in the following example from our CVE List:

CVE-2020-12282
iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)
Student: Madeleine Berner
Supervisor: Pontus Johnson
Examiner: Robert Lagerström

Once having a CVE identifier, you can send us the details for its publication by filling the following form: