Vulnerabilities > Portainer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-18 | CVE-2021-42650 | Cross-site Scripting vulnerability in Portainer Cross Site Scripting (XSS vulnerability exists in Portainer before 2.9.1 via the node input box in Custom Templates. | 6.1 |
| 2019-11-07 | CVE-2019-16878 | Cross-site Scripting vulnerability in Portainer Portainer before 1.22.1 has XSS (issue 2 of 2). | 5.4 |
| 2019-11-07 | CVE-2019-16874 | Unspecified vulnerability in Portainer Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4). | 6.5 |
| 2019-11-07 | CVE-2019-16873 | Cross-site Scripting vulnerability in Portainer Portainer before 1.22.1 has XSS (issue 1 of 2). | 5.4 |
| 2018-09-01 | CVE-2018-16316 | Cross-site Scripting vulnerability in Portainer A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field. | 5.4 |