CVE-2019-19040

2019-11-17T21:15:00
ID CVE-2019-19040
Type cve
Reporter cve@mitre.org
Modified 2019-11-19T17:02:00

Description

KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":{"value":"<script>' substring.