Lucene search
China National Vulnerability DatabaseCNVD-2022-17014HistoryMar 04, 2022 - 12:00 a.m.
Hestiacp Cross-Site Scripting Vulnerability
2022-03-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
30.2%
Hestiacp is an open source Linux Web server control panel designed to provide administrators with an easy-to-use Web and command-line interface. Hestiacp suffers from a cross-site scripting vulnerability that stems from an unprocessed user-controlled GET field parameter in index.php, which can be exploited by attackers to run malicious Javascript on a Web page code on a web page to steal a user’s cookie and gain unauthorized access to that user’s account via the stolen cookie.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hestiacp hestiacp | lt | 1.5.9 |
Related
cve
cve
CVE-2022-0753
2022-03-03 16:15:07
nvd
nvd
CVE-2022-0753
2022-03-03 16:15:07
osv
osv
CVE-2022-0753
2022-03-03 16:15:07
cvelist
cvelist
CVE-2022-0753 Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp
2022-03-03 15:30:12
huntr
huntr
Cross-site Scripting (XSS) - Reflected
2022-02-17 15:30:47
prion
prion
Cross site scripting
2022-03-03 16:15:00