cockpit-hq/cockpit is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in Rest/GraphQL viewer due to lack of escaping script tags which allows an attacker to inject and execute arbitrary javascript.Read More