4 matches found
CVE-2026-33404
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, client hostnames and IP addresses from the FTL database are rendered into the DOM without escaping in network.js Network page and charts.js/index....
CVE-2026-33404
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, client hostnames and IP addresses from the FTL database are rendered into the DOM without escaping in network.js Network page and charts.js/index....
CVE-2026-33404 Pi-hole has a Stored XSS / HTML injection in the Network page/Dashboard
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, client hostnames and IP addresses from the FTL database are rendered into the DOM without escaping in network.js Network page and charts.js/index....
CVE-2026-33404
Pi-hole Admin Interface (Pi-hole) up to version 6.5 is affected by a stored XSS in the Network page and Dashboard tooltips due to unescaped DOM rendering of client hostnames and IPs from the FTL database in network.js and charts.js/index.js. The issue occurs for 6.0 through before 6.5, when user-...