Описание
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 3.4.2-2 |
| bionic | not-affected | 3.4.2-2 |
| cosmic | not-affected | 3.4.2-2 |
| devel | not-affected | 3.4.2-2 |
| disco | not-affected | 3.4.2-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/bionic | not-affected | 3.4.2-2 |
| esm-infra/xenial | not-affected | 3.4.2-2 |
| lucid | ignored | end of life |
| precise | ignored | end of life |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message.
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message.
Cross-site scripting (XSS) vulnerability in the management plugin in R ...
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message.
4.3 Medium
CVSS2