Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.6 security update

An update is now available for Red Hat OpenShift GitOps v1.12.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2020-22608

Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php...

CVE-2020-22609

Cross Site Scripting XSS vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php...

Cross site scripting

Cross Site Scripting XSS vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php...

CVE-2020-22608

Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php...

CVE-2020-15111

In Fiber before version 1.12.6, the filename that is given in c.Attachment https://docs.gofiber.io/ctxattachment is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and then give the link to the victim. With this filename, the...