Octoprint: >> Octoprint >> 1.3.12 Security Vulnerabilities
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.
CVSS Score
6.5
EPSS Score
0.004
Published
2021-05-11
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-05-11
Page 3