Vulnerabilities > Hestiacp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-29 | CVE-2023-5839 | Privilege Chaining vulnerability in Hestiacp Control Panel Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9. | 7.8 |
| 2023-10-13 | CVE-2023-4517 | Cross-site Scripting vulnerability in Hestiacp Cross-site Scripting (XSS) - Stored in GitHub repository hestiacp/hestiacp prior to 1.8.6. | 5.4 |
| 2023-09-20 | CVE-2023-5084 | Cross-site Scripting vulnerability in Hestiacp Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8. | 6.1 |
| 2023-06-30 | CVE-2023-3479 | Cross-site Scripting vulnerability in Hestiacp Control Panel Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8. | 6.1 |
| 2022-08-18 | CVE-2021-30070 | Unspecified vulnerability in Hestiacp An issue was discovered in HestiaCP before v1.3.5. | 7.5 |
| 2022-08-18 | CVE-2021-30071 | Cross-site Scripting vulnerability in Hestiacp Control Panel A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
| 2022-08-05 | CVE-2022-2636 | Code Injection vulnerability in Hestiacp Control Panel Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6. | 8.8 |
| 2022-08-05 | CVE-2022-2626 | Incorrect Privilege Assignment vulnerability in Hestiacp Control Panel Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6. | 7.2 |
| 2022-07-27 | CVE-2022-2550 | OS Command Injection vulnerability in Hestiacp Control Panel OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5. | 8.8 |
| 2022-04-28 | CVE-2022-1509 | Command Injection vulnerability in Hestiacp Control Panel Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. | 8.8 |