Количество 7
Количество 7
CVE-2018-1000225
Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api).
CVE-2018-1000225
Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api).
CVE-2018-1000225
Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api).
CVE-2018-1000225
Cobbler version Verified as present in Cobbler versions 2.6.11+, but c ...
GHSA-q9g5-98pm-w6q7
Cobbler XSS Vulnerability
openSUSE-SU-2018:2590-1
Security update for cobbler
openSUSE-SU-2021:0046-1
Security update for cobbler
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000225 Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api). | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
 | CVE-2018-1000225 Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api). | CVSS3: 9.6 | 0% Низкий | больше 7 лет назад |
 | CVE-2018-1000225 Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via "network connectivity". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api). | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
| CVE-2018-1000225 Cobbler version Verified as present in Cobbler versions 2.6.11+, but c ... | CVSS3: 6.1 | 0% Низкий | больше 7 лет назад |
| GHSA-q9g5-98pm-w6q7 Cobbler XSS Vulnerability | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
 | openSUSE-SU-2018:2590-1 Security update for cobbler | больше 7 лет назад | ||
| openSUSE-SU-2021:0046-1 Security update for cobbler | около 5 лет назад |
Уязвимостей на страницу