tags in string literals when producing JSON.","datePublished":"2017-09-06T21:00:00+00:00","dateModified":"2024-08-06T05:39:31.412000+00:00","inLanguage":"es","author":{"@type":"Organization","name":"Vexday"},"publisher":{"@type":"Organization","name":"Vexday","url":"https://vexday.io"},"mainEntityOfPage":"https://vexday.io/es/cve/CVE-2015-3161","keywords":"CVE-2015-3161","breadcrumb":{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Inicio","item":"https://vexday.io/es"},{"@type":"ListItem","position":2,"name":"CVE-2015-3161"}]}}← volver

CVE-2015-3161

CVE-2015-3161

EPSS 0.8%

The search bar code in bkr/server/widgets.py in Beaker before 20.1 does not escape </script> tags in string literals when producing JSON.

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://beaker-project.org/jenkins-results/beaker-review-checks-docs/995/documentation/_build/html/whats-new/release-20.htmlhttps://bugzilla.redhat.com/attachment.cgi?id=1020004https://bugzilla.redhat.com/show_bug.cgi?id=1215024http://www.openwall.com/lists/oss-security/2015/05/08/1http://www.securityfocus.com/bid/74574