CVE-2018-10854

CVSS 6.5 MEDIUMEPSS 0.6%CWE-79

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Produtos afetados

Red Hat · cloudforms

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10854