2 matches found
CVE-2018-16316
CVE-2018-16316 describes a stored XSS in Portainer up to version 1.19.1, exploitable by remote authenticated users via the Team Name field. The issue stems from unvalidated input stored and rendered in teams management; real-world impact is arbitrary JavaScript/HTML execution for affected users. ...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...