A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns a

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an ema

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an ema

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an ema

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an emai

Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-m

pretix before 2024.1.1 mishandles file validation.

An issue was discovered in pretix before 2023.7.1. Incorrect parsing of configuration files causes the application to trust unchec

pretix before 2023.7.2 allows Pillow to parse EPS files.

rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. The fixed versions are 4.15.1, 4.16