CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4422 – Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
https://notcve.org/view.php?id=CVE-2023-4422
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en el repositorio GitHub cockpit-hq/cockpit anterior a la versión 2.6.3. • https://github.com/cockpit-hq/cockpit/commit/b8dad5e070608bb5e4ec58fabbee101b5af737cf https://huntr.dev/bounties/2e12b773-b6a2-48da-a4bb-55d5d1307d2e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4395 – Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
https://notcve.org/view.php?id=CVE-2023-4395
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4. • https://github.com/cockpit-hq/cockpit/commit/36d1d4d256cbbab028342ba10cc493e5c119172c https://huntr.dev/bounties/60e38563-7ac8-4a13-ac04-2980cc48b0da • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4321 – Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
https://notcve.org/view.php?id=CVE-2023-4321
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3. • https://github.com/cockpit-hq/cockpit/commit/34ab31ee9362da51b9709e178469dbffd7717249 https://huntr.dev/bounties/fce38751-bfd6-484c-b6e1-935e0aa8ffdc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4196 – Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
https://notcve.org/view.php?id=CVE-2023-4196
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3. • https://github.com/cockpit-hq/cockpit/commit/039a00cc310bff128ca6e6c1c46c6fbad0385c2c https://huntr.dev/bounties/c275a2d4-721f-49f7-8787-b146af2056a0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4195 – PHP Remote File Inclusion in cockpit-hq/cockpit
https://notcve.org/view.php?id=CVE-2023-4195
PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prior to 2.6.3. • https://github.com/cockpit-hq/cockpit/commit/800c05f1984db291769ffa5fdfb1d3e50968e95b https://huntr.dev/bounties/0bd5da2f-0e29-47ce-90f3-06518656bfd6 • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •