Vulnerabilities > Fit2Cloud
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-2845 | Unspecified vulnerability in Fit2Cloud Cloudexplorer Lite Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. | 8.1 |
| 2023-05-23 | CVE-2023-2844 | Authorization Bypass Through User-Controlled Key vulnerability in Fit2Cloud Cloudexplorer Lite Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. | 4.9 |
| 2023-03-16 | CVE-2023-28110 | Command Injection vulnerability in Fit2Cloud Jumpserver and Koko Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. | 9.9 |
| 2023-01-14 | CVE-2023-22478 | Missing Authorization vulnerability in Fit2Cloud Kubepi KubePi is a modern Kubernetes panel. | 7.5 |
| 2023-01-14 | CVE-2023-22480 | Incorrect Authorization vulnerability in Fit2Cloud Kubeoperator KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. | 9.8 |
| 2023-01-10 | CVE-2023-22479 | Session Fixation vulnerability in Fit2Cloud Kubepi KubePi is a modern Kubernetes panel. | 6.5 |
| 2023-01-04 | CVE-2023-22463 | Use of Hard-coded Credentials vulnerability in Fit2Cloud Kubepi KubePi is a k8s panel. | 9.8 |
| 2022-04-22 | CVE-2022-28074 | Cross-site Scripting vulnerability in Fit2Cloud Halo 1.5.0 Halo-1.5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via \admin\index.html#/system/tools. | 3.5 |
| 2022-01-13 | CVE-2022-22123 | Cross-site Scripting vulnerability in Fit2Cloud Halo In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title. | 3.5 |
| 2022-01-13 | CVE-2022-22124 | Cross-site Scripting vulnerability in Fit2Cloud Halo In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image. | 3.5 |