CNNVD-202601-3385 Information

CNNVD ID

CNNVD-202601-3385

Related CVE

CVE-2021-47873

• CNNVD Published: 2026-01-21

Description (Chinese)

Vesta Control Panel（VestaCP）是Vesta Control Panel公司的一个开源的虚拟主机控制面板。 Vesta Control Panel（VestaCP） 0.9.8-25之前版本存在跨站脚本漏洞，该漏洞源于IP接口配置存在跨站脚本，可能导致攻击者注入恶意脚本。

Description (English)

Vesta Control Panel (VestaCP) is an open-source virtual mainframe control panel for Vesta Control Panel. Vesta Control Panel (VestaCP) version 0.9.8-25 had a cross-site script loophole, which stemmed from the presence of cross-site scripts in the IP interface configuration, which could have injected malicious scripts into the attackers.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Vesta Control Panel

Published

2026-01-21

Last Modified

2026-02-24

References

https://myvestacp.com https://vestacp.com https://www.exploit-db.com/exploits/49662 https://www.vulncheck.com/advisories/vestacp-stored-cross-site-scripting