pcs:stretch is vulnerable to a cross-site scripting. Improper validations of Node name field allow attackers to inject and execute arbitrary Javascript when creating or adding existing clusters.
CPE | Name | Operator | Version |
---|---|---|---|
pcs:stretch | eq | 0.9.155+dfsg-2+deb9u1 | |
pcs:stretch | eq | 0.9.155+dfsg-2+deb9u1 |