2 matches found
CVE-2018-14380
In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts...
CVE-2018-14380
CVE-2018-14380 affects Graylog before 2.4.6, where XSS was possible in typeahead components (TypeAheadInput.jsx and QueryInput.ts). The vulnerability is tied to the typeahead UI paths and could allow inline script execution. A fix is available in Graylog 2.4.6; upgrading to this version is the re...