Openfiler: >> Openfiler >> 2.99.1 Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-12-11
Multiple cross-site request forgery (CSRF) vulnerabilities in Openfiler 2.99.1 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown or (2) reboot the server via a request to admin/system_shutdown.html.
CVSS Score
6.8
EPSS Score
0.002
Published
2014-09-30