Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0.
References
Link | Resource |
---|---|
https://cfengine.com/company/blog-detail/cve-2019-19394-mission-portal-javascript-injection-vulnerability/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-04-16 12:15
Updated : 2020-04-22 13:17
NVD link : CVE-2019-19394
Mitre link : CVE-2019-19394
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
northern.tech
- cfengine