Vulnerabilities > Osnexus > Quantastor > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-10 | CVE-2021-42080 | Cross-site Scripting vulnerability in Osnexus Quantastor 4.3.0 An attacker is able to launch a Reflected XSS attack using a crafted URL. | 7.4 |
| 2023-07-10 | CVE-2021-42081 | OS Command Injection vulnerability in Osnexus Quantastor 4.3.0 An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API. | 7.2 |
| 2023-07-10 | CVE-2021-42082 | Improper Privilege Management vulnerability in Osnexus Quantastor 4.3.0 Local users are able to execute scripts under root privileges. | 7.8 |
| 2023-07-10 | CVE-2021-4406 | Command Injection vulnerability in Osnexus Quantastor 4.3.0 An administrator is able to execute commands as root via the alerts management dialog | 7.2 |