Cobbler · Cobbler · CVE-2018-1000226
**Name of the Vulnerable Software and Affected Versions**
Cobbler versions 2.0.0 through 2.6.11 and later releases without the fix (tracked upstream as 2.6.11+)
**Description**
Incorrect Access Control in Cobbler's XMLRPC API, served at the `/cobbler_api` endpoint: security-token validation in API methods can be bypassed, so calls that should require an authenticated session can be made without one. An attacker with network access to the endpoint can use this for privilege escalation, manipulation or exfiltration of Cobbler data, and harvesting of LDAP credentials. The vulnerability is exploitable via network connectivity and is the result of improper validation of security tokens in API endpoints.
**Recommendations**
For Cobbler versions 2.0.0 through 2.6.11+, upgrade to a release that contains the fix for this CVE. Where upgrading is not yet possible, restrict network access to the `/cobbler_api` endpoint (for example with host firewall rules or a web-server allow-list) so that only trusted administrative hosts can reach the XMLRPC API.
Restricting access is a mitigation, not a fix: the root cause is that security-token validation in API methods can be bypassed. If you maintain local patches or a fork, confirm that every XMLRPC method performing a privileged action validates the caller's token before it changes or returns any protected data.
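The following is an added illustration of the weakness class described above, not Cobbler's code and not a reproduction of the actual CVE. It models a Cobbler-style XMLRPC API in which `login()` issues a session token that privileged methods are expected to validate; the class names, method names, inventory and credentials are all constructed for the example. `VulnerableApi.remove_system` accepts the token argument but never checks it, while `HardenedApi.remove_system` validates it first. Calls are pushed through Python's real XMLRPC marshalling in-process, so a server-side rejection surfaces as an `xmlrpc.client.Fault` just as it would over HTTP.

```python
"""Toy XMLRPC API showing a privileged method that skips token validation
next to its fixed form. Constructed example; not Cobbler's code."""
import secrets
import time
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCDispatcher

TOKEN_TTL_SECONDS = 3600


class TokenStore:
    """Issues opaque session tokens and validates them on privileged calls."""

    def __init__(self):
        self._tokens = {}  # token -> (user, expiry)

    def issue(self, user):
        token = secrets.token_hex(16)
        self._tokens[token] = (user, time.monotonic() + TOKEN_TTL_SECONDS)
        return token

    def validate(self, token):
        """Return the user bound to token, or raise PermissionError."""
        if not isinstance(token, str) or token not in self._tokens:
            raise PermissionError("invalid or missing token")
        user, expiry = self._tokens[token]
        if time.monotonic() > expiry:
            del self._tokens[token]
            raise PermissionError("token expired")
        return user


class VulnerableApi:
    """Methods take a trailing token, but remove_system never checks it."""

    def __init__(self, credentials):
        self._credentials = credentials  # constructed: user -> password
        self._tokens = TokenStore()
        self.systems = {"web01": {"profile": "centos7"}}  # constructed inventory

    def login(self, user, password):
        if not secrets.compare_digest(self._credentials.get(user, ""), password):
            raise PermissionError("bad credentials")
        return self._tokens.issue(user)

    def get_systems(self, token=""):
        # Read-only listing that is intentionally unauthenticated.
        return sorted(self.systems)

    def remove_system(self, name, token=""):
        # BUG: the token is accepted for interface compatibility but never
        # validated, so any client that can reach the endpoint can delete.
        self.systems.pop(name, None)
        return True


class HardenedApi(VulnerableApi):
    """Same interface; the privileged method validates the token first."""

    def remove_system(self, name, token=""):
        self._tokens.validate(token)  # raises before any state changes
        self.systems.pop(name, None)
        return True


def make_dispatcher(api):
    """Register the API object as an XMLRPC server would (underscore names stay hidden)."""
    dispatcher = SimpleXMLRPCDispatcher(allow_none=False, encoding="utf-8")
    dispatcher.register_instance(api)
    return dispatcher


def call(dispatcher, method, *params):
    """Round-trip one call through the XMLRPC wire format without a socket.
    Server-side exceptions arrive as xmlrpc.client.Fault, as over HTTP."""
    request = xmlrpc.client.dumps(params, methodname=method)
    response = dispatcher._marshaled_dispatch(request.encode("utf-8"))
    (value,), _ = xmlrpc.client.loads(response)
    return value


def demo():
    """Outcome of an unauthenticated remove_system call against each API."""
    creds = {"cobbler": "s3cret"}  # constructed credentials
    outcomes = []
    for cls in (VulnerableApi, HardenedApi):
        api = cls(creds)
        try:
            call(make_dispatcher(api), "remove_system", "web01")  # no login, no token
            outcomes.append("deleted" if "web01" not in api.systems else "kept")
        except xmlrpc.client.Fault:
            outcomes.append("rejected")
    return tuple(outcomes)


def authenticated_remove_works():
    """With a token from login(), the hardened API still removes the record."""
    api = HardenedApi({"cobbler": "s3cret"})
    disp = make_dispatcher(api)
    token = call(disp, "login", "cobbler", "s3cret")
    call(disp, "remove_system", "web01", token)
    return "web01" not in api.systems


if __name__ == "__main__":
    print(demo())  # ('deleted', 'rejected')
```

The hardened version validates before touching state, so a rejected call leaves the inventory intact; checking the token after performing the action would be the same bug with extra steps. `get_systems` is left unauthenticated deliberately to show that the decision must be made per method: the audit question for a real deployment is which methods change state or return secrets, and whether each of those calls the validator.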