CVE-2020-35659

CVE-2020-35659

The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS. An attacker with the ability to directly or indirectly query DNS with a malicious hostname can cause arbitrary JavaScript to execute when the Pi-hole administrator visits the Query Log or Long-term data Query Log page.

Source: CVE-2020-35659

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다