4 matches found
CVE-2023-4395
Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4...
CVE-2023-4395 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4...
CVE-2023-4395 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4...
CVE-2023-4395
Cockpit XSS vulnerability (CVE-2023-4395) affects cockpit-hq/cockpit prior to version 2.6.4. The issue is a Stored XSS in the web UI, caused by input not being properly escaped in templates, allowing an authenticated attacker to inject JavaScript into Cockpit pages (Veracode description). Public ...