2 matches found
CVE-2021-29448
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details...
CVE-2021-29448
Pi-hole exposes a Stored XSS vulnerability in the Admin portal (Web Interface) of Pi-hole, described across multiple sources. The issue is a stored DOM/XSS flaw in the AdminLTE-based interface that can be triggered by an attacker with network access to the DNS server. Affected is Pi-hole’s admin/...