Closed ChrisWNY closed 3 years ago
Looks like the Web UI received a minor update today to address a couple of security vulnerabilities, 8/4/2021. Pi-hole Core and FTL remain unchanged.
https://github.com/pi-hole/AdminLTE/releases/tag/v5.5.1
GHSA-g3w6-q4fg-p8x8 - "Stored XSS Vulnerability in the Pi-hole Webinterface" reported by both Dariusz Gońda and @awareseven
GHSA-5cm9-6p3m-v259 - "(Authenticated) Remote Code Execution Possible in Web Interface 5.5" reported by @SchneiderSec
@ChrisWNY Updated
Installing and testing now...will close it out shortly.
All set! Thanks and closing with this comment.
Looks like the Web UI received a minor update today to address a couple of security vulnerabilities, 8/4/2021. Pi-hole Core and FTL remain unchanged.
https://github.com/pi-hole/AdminLTE/releases/tag/v5.5.1
GHSA-g3w6-q4fg-p8x8 - "Stored XSS Vulnerability in the Pi-hole Webinterface" reported by both Dariusz Gońda and @awareseven
GHSA-5cm9-6p3m-v259 - "(Authenticated) Remote Code Execution Possible in Web Interface 5.5" reported by @SchneiderSec