5 matches found
CVE-2024-12972
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting XSS. This issue affects OctoCloud: from s1.09.01 before v1.11.01...
CVE-2025-0640
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure. This issue affects OctoCloud: from s1.09.02 before v1.11.01...
CVE-2025-2414
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass. This issue affects OctoCloud: from s1.09.03 before v1.11.01...
CVE-2025-0640 IDOR in Akinsoft's OctoCloud
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure. This issue affects OctoCloud: from s1.09.02 before v1.11.01...
CVE-2024-12972
CVE-2024-12972 tracks an XSS vulnerability in Akinsoft OctoCloud caused by improper neutralization of input during web page generation. Affected versions are s1.09.01 through v1.11.01 (inclusive). The issue allows cross-site scripting when users view pages generated with untrusted input. Remediat...