Lucene search
GoogleOSV:GHSA-9CHV-3W6C-JQ9WHistoryMay 03, 2023 - 9:30 p.m.
Cross Site Scripting in OpenTSDB
2023-05-0321:30:18
Google
osv.dev
6
0.001 Low
EPSS
Percentile
33.7%
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a reflected XSS vulnerability with the suggestion endpoint.
Related
github
github
Cross Site Scripting in OpenTSDB
2023-05-03 21:30:18
OpenTSDB Cross-site Scripting vulnerability
2022-05-14 03:06:10
cvelist
cvelist
CVE-2023-25827 Cross-site Scripting in OpenTSDB
2023-05-03 18:36:14
CVE-2018-13003
2018-06-29 14:00:00
prion
prion
Cross site scripting
2023-05-03 19:15:00
Design/Logic Flaw
2018-06-29 14:29:00
cve
cve
CVE-2023-25827
2023-05-03 19:15:10
CVE-2018-13003
2018-06-29 14:29:00
osv
osv
CVE-2023-25827
2023-05-03 19:15:10
OpenTSDB Cross-site Scripting vulnerability
2022-05-14 03:06:10
CVE-2018-13003
2018-06-29 14:29:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-07-02 04:04:45
Cross-site Scripting (XSS)
2023-05-09 02:22:15