Описание
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-80
https://bugzilla.redhat.com/show_bug.cgi?id=2226965Controller: Html injection in custom login info
7.3 High
CVSS3
Связанные уязвимости
CVSS3: 7.3
nvd
больше 2 лет назад
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
CVSS3: 7.3
github
больше 2 лет назад
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
7.3 High
CVSS3