← volver
CVE-2021-25313

Rancher: XSS on /v3/cluster/

CVSS 7.1 HIGHEPSS 1.5%CWE-79
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Productos afectados
SUSE · Rancher

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.suse.com/show_bug.cgi?id=1181852https://github.com/rancher/rancher/issues/31583https://github.com/rancher/rancher/releases/tag/v2.5.6