RSS   Podatności dla 'Octoprint'   RSS

2022-05-18
 
CVE-2022-1430

CWE-79
 

 
Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0.

 
 
CVE-2022-1432

CWE-79
 

 
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0.

 
2021-05-11
 
CVE-2021-32561

CWE-79
 

 
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters.

 
2018-09-07
 
CVE-2018-16710

CWE-200
 

 
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough."

 


Copyright 2024, cxsecurity.com

 

Back to Top