Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-10221

Опубликовано: 20 мар. 2020
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 4.3

Описание

A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

DNE

eoan

ignored

end of life
esm-apps/bionic

needed

esm-apps/focal

needed

esm-apps/jammy

not-affected

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needed
groovy

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 70%
0.00669
Низкий

4.3 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-10221

CVSS3: 4.3
redhat
больше 5 лет назад

A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.

nvd логотип

CVE-2019-10221

CVSS3: 4.3
nvd
около 5 лет назад

A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.

debian логотип

CVE-2019-10221

CVSS3: 4.3
debian
около 5 лет назад

A Reflected Cross Site Scripting vulnerability was found in all pki-co ...

github логотип

GHSA-wfff-rc4w-hpx2

github
около 3 лет назад

A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.

oracle-oval логотип

ELSA-2021-0851

oracle-oval
больше 4 лет назад

ELSA-2021-0851: pki-core security and bug fix update (IMPORTANT)

EPSS

Процентиль: 70%
0.00669
Низкий

4.3 Medium

CVSS2

4.3 Medium

CVSS3