CVE-2019-10146

A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146 Issue Tracking Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:dogtagpki:dogtagpki:*:*:*:*:*:*:*:*

Information

Published : 2020-03-18 08:15

Updated : 2023-02-12 15:32


NVD link : CVE-2019-10146

Mitre link : CVE-2019-10146


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

dogtagpki

  • dogtagpki

redhat

  • enterprise_linux