Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2026/03/25 12:26 a.m.4 views

SUSE CVE-2026-28280

osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...

8.7CVSS6AI score0.00227EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/02/28 2:7 a.m.9 views

osctrl has Stored Cross-Site Scripting (XSS) in On-Demand Query List

Summary A stored Cross-site Scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The payload is stored and executes in the browser of any user...

8.7CVSS6.1AI score0.00227EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/02/28 2:7 a.m.8 views

EUVD-2026-8923

osctrl has Stored Cross-Site Scripting XSS in On-Demand Query List...

8.7CVSS5.9AI score0.00227EPSS
Exploits0References4
NVD
NVD
added 2026/02/26 11:16 p.m.7 views

CVE-2026-28280

osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...

8.7CVSS0.00227EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/26 11:0 p.m.4 views

CVE-2026-28280

osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...

8.7CVSS7.4AI score0.00227EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.8 views

PT-2026-22226

Name of the Vulnerable Software and Affected Versions osctrl versions prior to 0.5.0 Description osctrl is an osquery management solution. A stored cross-site scripting XSS issue exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript v...

9.9CVSS6AI score0.22162EPSS
Exploits70References138
Rows per page
Query Builder