Vulnerabilities > Portainer > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-10-18 CVE-2021-42650 Cross-site Scripting vulnerability in Portainer
Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates.
network
low complexity
portainer CWE-79
6.1
2019-11-07 CVE-2019-16878 Cross-site Scripting vulnerability in Portainer
Portainer before 1.22.1 has XSS (issue 2 of 2).
network
low complexity
portainer CWE-79
5.4
2019-11-07 CVE-2019-16874 Unspecified vulnerability in Portainer
Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4).
network
low complexity
portainer
6.5
2019-11-07 CVE-2019-16873 Cross-site Scripting vulnerability in Portainer
Portainer before 1.22.1 has XSS (issue 1 of 2).
network
low complexity
portainer CWE-79
5.4
2018-09-01 CVE-2018-16316 Cross-site Scripting vulnerability in Portainer
A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field.
network
low complexity
portainer CWE-79
5.4