Go modules package
github.com/jmpsec/osctrl
pkg:golang/github.com/jmpsec/osctrl
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-28280 | — | < 0.5.0 | 0.5.0 | Feb 26, 2026 | osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XSS) vulnerability exists in the `osctrl-admin` on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-de | ||
| CVE-2026-28279 | — | < 0.5.0 | 0.5.0 | Feb 26, 2026 | osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the `osctrl-admin` environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing e |
- CVE-2026-28280Feb 26, 2026affected < 0.5.0fixed 0.5.0
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XSS) vulnerability exists in the `osctrl-admin` on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-de
- CVE-2026-28279Feb 26, 2026affected < 0.5.0fixed 0.5.0
osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the `osctrl-admin` environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing e