Описание
Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Automation Platform 1.2 | ansible-tower | Affected | ||
| Red Hat Ansible Automation Platform 2 | automation-controller | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=2120597Controller: Cross site scripting in automation controller UI
4.6 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.6
nvd
около 3 лет назад
Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection
CVSS3: 6.1
github
около 3 лет назад
An XSS exists in automation controller UI where the project name is susceptible to XSS injection
4.6 Medium
CVSS3