6 matches found
SUSE CVE-2026-28280
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...
osctrl has Stored Cross-Site Scripting (XSS) in On-Demand Query List
Summary A stored Cross-site Scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The payload is stored and executes in the browser of any user...
EUVD-2026-8923
osctrl has Stored Cross-Site Scripting XSS in On-Demand Query List...
CVE-2026-28280
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...
CVE-2026-28280
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...
PT-2026-22226
Name of the Vulnerable Software and Affected Versions osctrl versions prior to 0.5.0 Description osctrl is an osquery management solution. A stored cross-site scripting XSS issue exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript v...