CVE-2022-22126
Openmct XSS via the “Web Page” element
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Web Page” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
nasa · openmct¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →