HIGH🇬🇧 English

CVE-2021-41175

CVSS 7.3v3.1pub. 2021-10-26upd. 2024-11-21

Pi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue was patched in version 5.8.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
  • Pi Hole Web Interface

    APP
    Pi-Hole
    < 5.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2026-33765HIGH8.9ten sam produkt

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker block...

CVE-2025-59151HIGH8.2ten sam produkt

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tr...

CVE-2023-23614HIGH8.8ten sam produkt

Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions ...

CVE-2021-3706HIGH7.5ten sam produkt

adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag

CVE-2021-29448HIGH7.6ten sam produkt

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exist...