Vulnerabilities > PI Hole > PI Hole > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-04 CVE-2021-32793 Cross-site Scripting vulnerability in Pi-Hole
Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics.
network
low complexity
pi-hole CWE-79
4.8
4.8
2021-02-18 CVE-2020-35592 Cross-site Scripting vulnerability in Pi-Hole 5.0/5.1/5.1.1
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI.
network
low complexity
pi-hole CWE-79
5.4
5.4
2021-02-18 CVE-2020-35591 Session Fixation vulnerability in Pi-Hole 5.0/5.1/5.1.1
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation.
network
low complexity
pi-hole CWE-384
5.4
5.4
2020-12-24 CVE-2020-35659 Cross-site Scripting vulnerability in Pi-Hole
The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS.
network
low complexity
pi-hole CWE-79
6.1
6.1