Lucene search
GoogleOSV:CVE-2019-19040HistoryNov 17, 2019 - 9:15 p.m.
CVE-2019-19040
2019-11-1721:15:11
Google
osv.dev
1
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a ‘“sampling”:{“value”:"<script>’ substring.
| CPE | Name | Operator | Version |
|---|---|---|---|
| kairosdb | eq | 1.2.0-beta3 | |
| kairosdb | eq | 1.2.2 | |
| kairosdb | eq | 1.1.1 | |
| kairosdb | eq | 1.0.0-beta2a | |
| kairosdb | eq | 1.1.2 | |
| kairosdb | eq | 0.9.5beta1 | |
| kairosdb | eq | 0.9.2 | |
| kairosdb | eq | 0.9.5beta2 | |
| kairosdb | eq | 0.9.3 | |
| kairosdb | eq | 1.2.1 |
References
Related
veracode
veracode
Cross-Site Scripting (XSS)
2019-11-18 03:47:13
nvd
nvd
CVE-2019-19040
2019-11-17 21:15:11
prion
prion
Cross site scripting
2019-11-17 21:15:00
cvelist
cvelist
CVE-2019-19040
2019-11-17 20:20:50
github
github
Reflected Cross site scripting (XSS) in kairosdb
2022-11-03 18:42:42
cve
cve
CVE-2019-19040
2019-11-17 21:15:11
osv
osv
Reflected Cross site scripting (XSS) in kairosdb
2022-11-03 18:42:42