Lucene search

K
HestiacpControl Panel

7 matches found

CVE
CVE
added 2022/03/04 8:15 a.m.85 views

CVE-2022-0838

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10.

6.6CVSS6.1AI score0.00867EPSS
CVE
CVE
added 2022/03/16 1:15 p.m.81 views

CVE-2022-0986

Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11.

6.1CVSS4.8AI score0.00315EPSS
CVE
CVE
added 2022/03/03 4:15 p.m.74 views

CVE-2022-0753

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9.

6.1CVSS4.9AI score0.00276EPSS
CVE
CVE
added 2020/03/25 11:15 p.m.71 views

CVE-2020-10966

In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel before 1.1.1, Host header manipulation leads to account takeover because the victim receives a reset URL containing an attacker-controlled server name.

6.5CVSS6.4AI score0.00505EPSS
CVE
CVE
added 2022/03/04 12:15 p.m.65 views

CVE-2022-0752

Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9.

6.1CVSS4.9AI score0.00297EPSS
CVE
CVE
added 2023/06/30 10:15 a.m.45 views

CVE-2023-3479

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.

6.1CVSS4.8AI score0.14887EPSS
CVE
CVE
added 2022/08/18 5:15 a.m.39 views

CVE-2021-30071

A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

6.1CVSS5.9AI score0.00085EPSS