Linuxserver: >> Heimdall Application Dashboard Security Vulnerabilities
LinuxServer.io Heimdall before 2.7.3 allows XSS via the q parameter.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-07-27
Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" to the "Add application" page. The stored XSS will be triggered in the "Application list" page.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-12-27