Default credentials

2023-09-2715:18:00

PRIOn knowledge base

www.prio-n.com

apollo change requests

xss

user interaction

javascript uri link

nvd

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.0%

JSON

In Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction.

CPENameOperatorVersion
apollo_autopilotlt3.308.0

CPE	Name	Operator	Version
	apollo_autopilot	lt	3.308.0

References

palantir.safebase.us/?tcuUid=4c257f07-58af-4532-892a-bdbe8ab3ec63