CVE-2021-3914

Опубликовано: 27 окт. 2021

Источник: redhat

CVSS3: 6.5

Описание

It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2021-3914
https://nvd.nist.gov/vuln/detail/CVE-2021-3914

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=2018015smallrye-health-ui: persistent cross-site scripting in endpoint

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-3914

CVSS3: 6.1

nvd

больше 3 лет назад

It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.

GHSA-pvc3-wvxr-7cmf

CVSS3: 6.1

github

больше 3 лет назад

SmallRye Health UI Cross-site Scripting vulnerability

6.5 Medium

CVSS3