Описание
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| eoan | not-affected | code not present |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| esm-apps/xenial | released | 1:0.4+dfsg+1+20131010+gitf68af8af3d-4+deb8u1build0.16.04.1 |
| esm-infra-legacy/trusty | DNE |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the ...
4.3 Medium
CVSS2
6.1 Medium
CVSS3