Vulnerabilities > Fit2Cloud

DATE CVE VULNERABILITY TITLE RISK
2023-01-04 CVE-2023-22463 Use of Hard-coded Credentials vulnerability in Fit2Cloud Kubepi
KubePi is a k8s panel.
network
low complexity
fit2cloud CWE-798
critical
9.8
2022-04-22 CVE-2022-28074 Cross-site Scripting vulnerability in Fit2Cloud Halo 1.5.0
Halo-1.5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via \admin\index.html#/system/tools.
network
fit2cloud CWE-79
3.5
2022-01-13 CVE-2022-22123 Cross-site Scripting vulnerability in Fit2Cloud Halo
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title.
network
fit2cloud CWE-79
3.5
2022-01-13 CVE-2022-22124 Cross-site Scripting vulnerability in Fit2Cloud Halo
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image.
network
fit2cloud CWE-79
3.5