Vulnerabilities > Hestiacp

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-03	CVE-2022-0753	Cross-site Scripting vulnerability in Hestiacp Control Panel Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9. network hestiacp CWE-79	4.3
2021-09-15	CVE-2021-3797	Unspecified vulnerability in Hestiacp Control Panel hestiacp is vulnerable to Use of Wrong Operator in String Comparison network low complexity hestiacp	7.5
2021-02-16	CVE-2021-27231	Unspecified vulnerability in Hestiacp Control Panel Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages. network low complexity hestiacp	5.5
2020-03-25	CVE-2020-10966	In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel before 1.1.1, Host header manipulation leads to account takeover because the victim receives a reset URL containing an attacker-controlled server name. network hestiacp vestacp	4.3

Vulnerabilities > Hestiacp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hestiacp"}]}