CVE-2022-26332

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

EUVD-2022-1548

Malicious code in bioql PyPI...

Stored Cross-site Scripting (XSS)

andreapollastri/cipi is vulnerable to stored cross-site scripting. The vulnerability exists in /api/servers name field when adding a new server on the server panel, as it doesn't properly filter the parameters which allows an attacker to inject and execute arbitrary javascript...

Cross-site Scripting in Cipi

Cipi 3.1.15 allows Add Server stored cross-site scripting via the /api/servers name field...

GHSA-VPMW-77VM-4MJG Cross-site Scripting in Cipi

Cipi 3.1.15 allows Add Server stored cross-site scripting via the /api/servers name field...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

CVE-2022-26332

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

CVE-2022-26332

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

Cross site scripting

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

CVE-2022-26332

CVE-2022-26332 affects Cipi 3.1.15 and enables stored XSS in the /api/servers name field. Multiple sources (NVD entry, Red Hat advisory, Veracode/GHSA, OSV, GITLAB file) confirm a stored XSS condition arising from unsafely accepted input for adding a server, enabling injection of arbitrary JavaSc...

CVE-2022-26332

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

Cipi 跨站脚本漏洞

Cipi is a Laravel-based cloud server control panel by the individual developer Andrea Pollastri in Italy. A security vulnerability exists in Cipi that allows adding server storage XSS via the api server name field...

Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting (Authenticated) Vulnerability

Exploit Title: Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://cipi.sh/ Software Link: https://cipi.sh/ Version: 3.1.15 Tested on: Ubuntu When the user wants to add a new server on the "Server" panel, in...

Cipi Control Panel 3.1.15 Cross Site Scripting

Exploit Title: Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting XSS Authenticated Date: 24.02.2022 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://cipi.sh/ Software Link: https://cipi.sh/ Version: 3.1.15 Tested on: Ubuntu When the user wants to add a new server on the...

Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Cipi Control Panel 3.1.15 - Stored Cross-Site Scripting XSS Authenticated Date: 24.02.2022 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://cipi.sh/ Software Link: https://cipi.sh/ Version: 3.1.15 Tested on: Ubuntu When the user wants to add a new server on the...