cockpit-hq/cockpit Security Advisories for 2.6.2 (11)
-
[MEDIUM] Cockpit - Content Platform vulnerable to XSS through name or email argument names
PKSA-htm2-8b2r-zt3z CVE-2025-7053 GHSA-j4rj-fgcq-wmqp
Affected version: <2.11.4
Reported by:
GitHub -
[CRITICAL] Cockpit CMS contains an arbitrary file upload vulenrability
PKSA-1g11-thhn-qmqq CVE-2024-4825 GHSA-vpj8-xfqc-jcv9
Affected version: <2.7.0
Reported by:
GitHub -
[MEDIUM] Cockpit CMS arbitrary file upload vulnerability
PKSA-dkf9-ctj9-6715 CVE-2023-41564 GHSA-38vf-35cg-m73w
Affected version: <=2.6.3
Reported by:
GitHub -
[MEDIUM] Cockpit Cross-site Scripting vulnerability
PKSA-t4f4-3p1b-pwvn CVE-2023-4451 GHSA-g3mv-64h3-h482
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-j62f-f87n-nv4p CVE-2023-4433 GHSA-ff45-2jp9-69jc
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-xrwz-4p22-v3sh CVE-2023-4432 GHSA-rmgx-3w4r-xcfp
Affected version: <=2.6.3
Reported by:
GitHub -
[MEDIUM] Cockpit Cross-site Scripting vulnerability
PKSA-vwbc-y3t3-84k8 CVE-2023-4422 GHSA-8m65-qq6g-43rr
Affected version: <2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-55bx-95g3-bdpb CVE-2023-4395 GHSA-5cv4-48h7-7782
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-znb8-w45f-64b5 CVE-2023-4321 GHSA-3vf5-xm2p-6mh5
Affected version: <=2.6.2
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-ys3f-9xrr-xrsz CVE-2023-4196 GHSA-w3qm-93vf-5hrw
Affected version: <2.6.3
Reported by:
GitHub -
[CRITICAL] Cockpit PHP Remote File Inclusion vulnerability
PKSA-ywbw-pgpj-12g6 CVE-2023-4195 GHSA-xcq3-7pf3-5jvc
Affected version: <2.6.3
Reported by:
GitHub