Moderate: Red Hat Security Advisory: pki-core and redhat-pki-theme security and bug fix update

An update for pki-core and redhat-pki-theme is now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2019-10178

creationtimestamp| type| source ---|---|--- 2020-03-18 19:31:03+00:00| seen| https://t.me/cibsecurity/10583...

CVE-2019-10178

It was found that the Token Processing Service TPS did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting XSS vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, which would...

DEBIAN-CVE-2019-10178

It was found that the Token Processing Service TPS did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting XSS vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, which would...

CVE-2019-10178

CVE-2019-10178 is a stored XSS vulnerability in the Token Processing Service (TPS) of the open-source PKI core. The root cause is unsanitized Token IDs from the Activity page, allowing an unauthenticated attacker to persuade an authenticated user to create a crafted activity, which will execute a...