3 matches found
CVE-2020-35592
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the session cookie...
CVE-2020-35592
CVE-2020-35592 affects Pi-hole 5.0, 5.1, and 5.1.1. A reflected XSS flaw arises from insufficient sanitization of user-supplied data in the Options header forwarded to the admin/ URI, enabling a remote attacker to inject arbitrary web script or HTML and potentially steal the session cookie. The d...
Pi-hole Web Interface < 5.4 Multiple Vulnerabilities
The Pi-hole Web Interface previously AdminLTE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...