CVE-2021-3509

Affects Red Hat Ceph Storage 4 dashboard (ceph-dashboard). The root cause is storage of the JWT for user authentication in the browser (localStorage), which exposes tokens to XSS risks. This is described in connected advisories for Ceph-derived distributions (Astral/Linux security bulletins and M...

SUSE-SU-2015:1300-1 Security update for novnc

novnc was updated to fix a session hijacking problem through insecurely set session token cookies bnc922233, CVE-2013-7436. Security Issues: CVE-2013-7436...