4 matches found
Cross-site Scripting (XSS)
Overview elastic-app-search is a Ruby client for the Elastic App Search. Affected versions of this package are vulnerable to Cross-site Scripting XSS. They contain a cross site scripting XSS flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result,...
UBUNTU-CVE-2020-7011
Elastic App Search versions before 7.7.0 contain a cross site scripting XSS flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they...
Enterprise Search 7.7.0 security update
Elastic App Search Cross Site Scripting flaw ESA-2020-04 Elastic App Search versions before 7.7.0 contain a cross site scripting XSS flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacke...
The vulnerability of the Reference UI component in the Intel Data Center Manager SDK development tools allows a attacker to execute arbitrary code.
The vulnerability of the Reference UI component in the Intel Data Center Manager SDK development toolset is caused by privilege management errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code with administrator privileges...