CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-31358
https://notcve.org/view.php?id=CVE-2022-31358
14 Dec 2022 — A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/. Una vulnerabilidad de cross site scripting (XSS) reflejado en Proxmox Virtual Environment anterior a v7.2-3 permite a atacantes remotos ejecutar scripts web o HTML de su elección a través de endpoints inexistentes en la ruta /api2/html/. • http://proxmox.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-4156
https://notcve.org/view.php?id=CVE-2014-4156
27 Jan 2020 — Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability Proxmox VE versiones anteriores a 3.2: Vulnerabilidad de Enumeración de Usuario de "AccessControl.pm". • http://www.openwall.com/lists/oss-security/2014/06/17/16 • CWE-203: Observable Discrepancy •