openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security
References
Link | Resource |
---|---|
https://bugzilla.suse.com/show_bug.cgi?id=1142849 | Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2020-01-17 05:15
Updated : 2020-01-27 09:53
NVD link : CVE-2019-3686
Mitre link : CVE-2019-3686
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
suse
- openqa