6 matches found
CVE-2024-36110
ansibleguy-webui is an open source WebUI for using Ansible. Multiple forms in versions 0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. These issues have been addressed in version 0.0.21 0.0.21.post2 on pypi...
CVE-2024-36110
ansibleguy-webui is an open source WebUI for using Ansible. Multiple forms in versions 0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. These issues have been addressed in version 0.0.21 0.0.21.post2 on pypi...
CVE-2024-36110 Cross-site scripting in ansibleguy-webui
ansibleguy-webui is an open source WebUI for using Ansible. Multiple forms in versions 0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. These issues have been addressed in version 0.0.21 0.0.21.post2 on pypi...
CVE-2024-36110 Cross-site scripting in ansibleguy-webui
ansibleguy-webui is an open source WebUI for using Ansible. Multiple forms in versions 0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. These issues have been addressed in version 0.0.21 0.0.21.post2 on pypi...
CVE-2024-36110 Cross-site scripting in ansibleguy-webui
ansibleguy-webui is an open source WebUI for using Ansible. Multiple forms in versions 0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. These issues have been addressed in version 0.0.21 0.0.21.post2 on pypi...
CVE-2024-36110
CVE-2024-36110 affects the open-source web UI for Ansible named ansibleguy-webui. The vulnerability arises from multiple HTML injection points in forms for versions earlier than 0.0.21, with injected elements being returned to users and rendered by browsers after job actions. The issue has been a...