Vulnerabilities > Portainer

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-07	CVE-2019-16873	Cross-site Scripting vulnerability in Portainer Portainer before 1.22.1 has XSS (issue 1 of 2). network low complexity portainer CWE-79	5.4
2019-03-27	CVE-2018-19466	Insufficiently Protected Credentials vulnerability in Portainer A vulnerability was found in Portainer before 1.20.0. network low complexity portainer CWE-522 critical	9.8
2018-11-20	CVE-2018-19367	Unspecified vulnerability in Portainer Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. network low complexity portainer critical	9.8
2018-09-01	CVE-2018-16316	Cross-site Scripting vulnerability in Portainer A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field. network low complexity portainer CWE-79	5.4
2018-06-22	CVE-2018-12678	Server-Side Request Forgery (SSRF) vulnerability in Portainer Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks. network low complexity portainer CWE-918 critical	9.8

Vulnerabilities > Portainer {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Portainer"}]}