Lucene search

K
osvGoogleOSV:GHSA-JQQH-999X-W26W
HistoryMay 02, 2022 - 3:40 a.m.

Buildbot Cross-site scripting (XSS) vulnerability

2022-05-0203:40:27
Google
osv.dev
9
buildbot
xss
vulnerability
waterfall
web
status
remote attackers
inject
web script
html.

AI Score

5.4

Confidence

High

EPSS

0.003

Percentile

69.4%

Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Score

5.4

Confidence

High

EPSS

0.003

Percentile

69.4%