Vulnerabilities > Hestiacp > Control Panel > 1.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-03 | CVE-2022-0753 | Cross-site Scripting vulnerability in Hestiacp Control Panel Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9. | 6.1 |
| 2021-09-15 | CVE-2021-3797 | Unspecified vulnerability in Hestiacp Control Panel hestiacp is vulnerable to Use of Wrong Operator in String Comparison | 9.8 |
| 2021-02-16 | CVE-2021-27231 | Unspecified vulnerability in Hestiacp Control Panel Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages. | 5.4 |