Reflected cross-site scripting (XSS) In octoprint
Description
Cross-site Scripting in OctoPrint Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0. The login endpoint allows for javascript injection which may lead to account takeover in a phishing scenario.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 pypi | 1.8.0 |
Aliases
1. 2. 3. 4. 5.
References
1. 2. 3.