cockpit-hq/cockpit Security Advisories for 2.6.3 (7)
-
[MEDIUM] Cockpit - Content Platform vulnerable to XSS through name or email argument names
PKSA-htm2-8b2r-zt3z CVE-2025-7053 GHSA-j4rj-fgcq-wmqp
Affected version: <2.11.4
Reported by:
GitHub -
[CRITICAL] Cockpit CMS contains an arbitrary file upload vulenrability
PKSA-1g11-thhn-qmqq CVE-2024-4825 GHSA-vpj8-xfqc-jcv9
Affected version: <2.7.0
Reported by:
GitHub -
[MEDIUM] Cockpit CMS arbitrary file upload vulnerability
PKSA-dkf9-ctj9-6715 CVE-2023-41564 GHSA-38vf-35cg-m73w
Affected version: <=2.6.3
Reported by:
GitHub -
[MEDIUM] Cockpit Cross-site Scripting vulnerability
PKSA-t4f4-3p1b-pwvn CVE-2023-4451 GHSA-g3mv-64h3-h482
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-j62f-f87n-nv4p CVE-2023-4433 GHSA-ff45-2jp9-69jc
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-xrwz-4p22-v3sh CVE-2023-4432 GHSA-rmgx-3w4r-xcfp
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-55bx-95g3-bdpb CVE-2023-4395 GHSA-5cv4-48h7-7782
Affected version: <=2.6.3
Reported by:
GitHub