Lucene search
K

5 matches found

OSV
OSV
added 2023/05/03 9:30 p.m.22 views

GHSA-9CHV-3W6C-JQ9W Cross Site Scripting in OpenTSDB

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

8.2CVSS6.1AI score0.00904EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/05/03 9:30 p.m.33 views

Cross Site Scripting in OpenTSDB

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

8.2CVSS5.9AI score0.00904EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/05/03 7:15 p.m.16 views

CVE-2023-25827

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

6.1CVSS6.2AI score
Exploits0References2
Prion
Prion
added 2023/05/03 7:15 p.m.21 views

Cross site scripting

Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...

5.8CVSS6AI score0.00904EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/06/29 2:0 p.m.79 views

CVE-2018-13003

OpenTSDB 2.3.0 contains a reflected XSS in the /suggest endpoint where the parameter type is not properly sanitized, enabling injection of arbitrary JavaScript into the browser of a targeted user. The issue’s root cause is related to insufficient input validation of parameters reflected in respon...

6.1CVSS5.7AI score0.00672EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder