Vulnerabilities > Octoprint

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-1430 Cross-site Scripting vulnerability in Octoprint
Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0.
network
high complexity
octoprint CWE-79
7.5
2022-05-18 CVE-2022-1432 Cross-site Scripting vulnerability in Octoprint
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0.
network
high complexity
octoprint CWE-79
6.4
2021-05-11 CVE-2021-32560 Unspecified vulnerability in Octoprint
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.
network
low complexity
octoprint
6.5
2021-05-11 CVE-2021-32561 Cross-site Scripting vulnerability in Octoprint
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters.
network
low complexity
octoprint CWE-79
6.1
2018-09-07 CVE-2018-16710 Information Exposure vulnerability in Octoprint
OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081.
network
low complexity
octoprint CWE-200
critical
9.1