cbcvebase.
CVE-2021-32857
published 2023-02-21

CVE-2021-32857: Cockpit is a content management system that allows addition of content management functionality to any site. In versions 0.12.2 and prior, bad HTML…

PriorityP425medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.71%
48.8th percentile
Cockpit is a content management system that allows addition of content management functionality to any site. In versions 0.12.2 and prior, bad HTML sanitization in `htmleditor.js` may lead to cross-site scripting (XSS) issues. There are no known patches for this issue.

Affected

2 ranges
VendorProductVersion rangeFixed in
agentejocockpit<= 0.12.2
microwebermicroweber0.12.2 – 0.12.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.