Cockpit Security Vulnerabilities and Issues — Cockpit CVE List

Lucene search

AgentejoCockpit

4 matches found

cve•added 2024/02/29 2:15 p.m.•81 views

CVE-2024-2001

A Cross-Site Scripting vulnerability in Cockpit CMS affecting version 2.7.0. This vulnerability could allow an authenticated user to upload an infected PDF file and store a malicious JavaScript payload to be executed when the file is uploaded.

5.5CVSS5.2AI score0.00088EPSS

cve•added 2023/03/03 2:15 a.m.•58 views

CVE-2023-1160

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0.

5.5CVSS4.9AI score0.00098EPSS

cve•added 2023/02/11 2:20 a.m.•54 views

CVE-2023-0780

Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit prior to 2.3.9-dev.

5.4CVSS4.8AI score0.00173EPSS

cve•added 2025/07/04 3:15 a.m.•11 views

CVE-2025-7053

A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation of the argument name/email leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.11....

5.1CVSS3.7AI score0.00031EPSS