Proxmox: >> Virtual Environment >> 6.0 Security Vulnerabilities
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication component.
CVSS Score
8.8
EPSS Score
0.012
Published
2023-09-27
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.
CVSS Score
9.0
EPSS Score
0.002
Published
2022-12-14