CVE-2022-3205

Опубликовано: 13 сент. 2022

Источник: nvd

CVSS3: 4.6

CVSS3: 6.1

EPSS Низкий

Описание

Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection

Ссылки

https://access.redhat.com/security/cve/CVE-2022-3205
https://bugzilla.redhat.com/show_bug.cgi?id=2120597
Issue Tracking
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-3205
https://bugzilla.redhat.com/show_bug.cgi?id=2120597
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:ansible_automation_platform:1.2:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00391

Низкий

4.6 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-3205

CVSS3: 4.6

redhat

почти 3 года назад

Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection

GHSA-24jx-rfj6-x4mp

CVSS3: 6.1

github

почти 3 года назад

An XSS exists in automation controller UI where the project name is susceptible to XSS injection

EPSS

Процентиль: 59%

0.00391

Низкий

4.6 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79