GHSA-w2cw-hx5v-f37rMediumCVSS 4.6
HestiaCP before 1.9.5 contains a stored cross-site scripting vulnerability that allows...
🔗 CVE IDs covered (1)
📋 Description
HestiaCP before 1.9.5 contains a stored cross-site scripting vulnerability that allows authenticated low-privilege users to inject arbitrary HTML by creating a DNS record with a double-quote followed by a script payload in the value field. The application fails to apply htmlspecialchars() encoding to the DNS record value field rendered into the data-sort-value HTML attribute in list_dns_rec.php, allowing the payload to execute in the browser of any user who views the DNS record list, including administrators.
🔗 References (6)
- https://nvd.nist.gov/vuln/detail/CVE-2025-30008
- https://github.com/hestiacp/hestiacp/pull/5196
- https://github.com/hestiacp/hestiacp/commit/07dda18ef0087ea981ff84d4d5757774cf2124b0
- https://github.com/hestiacp/hestiacp/releases/tag/1.9.5
- https://www.vulncheck.com/advisories/hestiacp-stored-xss-via-dns-record-management-interface
- https://github.com/advisories/GHSA-w2cw-hx5v-f37r