27 matches found
Moderate: Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.2.2 bugfix release
Red Hat Developer Hub 1.2.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
Important: Red Hat Enhancement Advisory: Red Hat Developer Hub 1.2 release
Red Hat Developer Hub 1.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single pa...
Tech Docs Template Cross-Site Scripting Vulnerability
Tech Docs Template is an open source Gem distribution technical documentation project from Government Digital Service. A security vulnerability exists in Tech Docs Template versions prior to 2.0.2 through 3.3.1, which stems from a cross-site scripting XSS vulnerability. An attacker can exploit th...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS such that Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitized. To exploit this...
govuk_tech_docs vulnerable to unescaped HTML on search results page
Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...
GHSA-X2XW-HW8G-6773 govuk_tech_docs vulnerable to unescaped HTML on search results page
Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...
govuk_tech_docs vulnerable to unescaped HTML on search results page
Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...