News & Events

Advisories

YunoHost 2.7.2 to 2.7.14 – Multiple Vulnerabilities

YunoHost is an application that is used to manage applications hosted on a Linux server. Additionally, it allows the user to manage the entire Linux system, including installed services, firewall rules, and system updates. The application’s official website is yunohost.org. Version 2.7.2 was released on August 22, 2017, and version 2.7.14 was released on June 28, 2018. This security advisory discusses several vulnerabilities Bishop Fox researchers found in it.

Application Security, HTTP Header Injection, Stored Cross-Site Scripting