0.001 Low
EPSS
Percentile
46.0%
Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles.
bugzilla.redhat.com/show_bug.cgi?id=1478587
github.com/fedora-infra/bodhi
github.com/fedora-infra/bodhi/commit/2a3b06b42242ecabb7fed6b147b033b36292d76f
github.com/fedora-infra/bodhi/issues/1740
nvd.nist.gov/vuln/detail/CVE-2017-1002152