CVE-2022-1430: Cross-site Scripting in OctoPrint

(updated )

Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0. The login endpoint allows for javascript injection which may lead to account takeover in a phishing scenario.

References

Detect and mitigate CVE-2022-1430 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →