0.003 Low
EPSS
Percentile
68.5%
openocd is vulnerable to cross-site scripting (XSS). The library does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, allowing a malicious user to inject and execute arbitrary web scripts.
lists.debian.org/debian-lts-announce/2018/01/msg00027.html
security-tracker.debian.org/tracker/CVE-2018-5704
sourceforge.net/p/openocd/mailman/message/36188041/
www.debian.org/security/2018/dsa-4093