KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a ‘“sampling”:{“value”:"<script>’ substring.
CPE | Name | Operator | Version |
---|---|---|---|
kairosdb | eq | 1.2.0-beta3 | |
kairosdb | eq | 1.2.2 | |
kairosdb | eq | 1.1.1 | |
kairosdb | eq | 1.0.0-beta2a | |
kairosdb | eq | 1.1.2 | |
kairosdb | eq | 0.9.5beta1 | |
kairosdb | eq | 0.9.2 | |
kairosdb | eq | 0.9.5beta2 | |
kairosdb | eq | 0.9.3 | |
kairosdb | eq | 1.2.1 |