Lucene search
PRIOn knowledge basePRION:CVE-2019-9580HistoryMar 09, 2019 - 4:29 a.m.
Cross site scripting
2019-03-0904:29:00
PRIOn knowledge base
www.prio-n.com
3
In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a “null” origin value, potentially leading to XSS.
| CPE | Name | Operator | Version |
|---|---|---|---|
| stackstorm | ge | 2.10.0 | |
| stackstorm | lt | 2.10.3 | |
| stackstorm | lt | 2.9.3 |
Related
cve
cve
CVE-2019-9580
2019-03-09 04:29:00
trendmicroblog
trendmicroblog
This Week in Security News: Security Vulnerabilities
2019-03-15 12:13:34
osv
osv
CVE-2019-9580
2019-03-09 04:29:00
cvelist
cvelist
CVE-2019-9580
2019-03-09 04:00:00
nvd
nvd
CVE-2019-9580
2019-03-09 04:29:00
checkpoint_advisories
checkpoint_advisories
StackStorm Web UI Remote Code Execution (CVE-2019-9580)
2019-03-17 00:00:00
thn
thn
Severe Flaw Disclosed In StackStorm DevOps Automation Software
2019-03-11 09:32:00