2 matches found
CVE-2020-5901
In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow for a reflected Cross Site Scripting XSS attack. If the victim user is logged in as admin this could result in a complete compromise of the system...
CVE-2020-5901
CVE-2020-5901 affects NGINX Controller 3.3.0–3.4.0 . An undisclosed API endpoint may enable a reflected Cross‑Site Scripting (XSS) attack; if the victim is logged in as an administrator, this can lead to complete system compromise. The CVSSv3 base score is 9.6 (CRITICAL) with web‑network exposure...