2 matches found
CVE-2019-19040
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":"value":"...
CVE-2019-19040
KairosDB up to 1.2.2 contains an XSS in view.html via showErrorMessage in js/graph.js, demonstrated with a payload like '"sampling":{"value":"[removed]'". This CVE (CVE-2019-19040) is corroborated across multiple sources (NVD, Red Hat, GHSA/OSV, CNVD, CNVD CNVD, etc.). Exploitation status and con...