Lucene search
Veracode Vulnerability DatabaseVERACODE:8139HistoryJan 11, 2019 - 1:37 a.m.
Cross-Site Scripting (XSS)
2019-01-1101:37:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
46.0%
bodhi-server is vulnerable to cross-site scripting (XSS). The bug title is not sanitized and HTML encoded before displaying on the user’s browser, which would allow a remote attacker to inject arbitrary Javascript into the victim’s browser to steal session tokens or perform unwanted actions on behalf of the user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bodhi-server | le | 2.9.0 | |
| bodhi-server | le | 2.9.0 |
Related
osv
osv
CVE-2017-1002152
2019-01-10 21:29:00
Bodhi Cross-site Scripting Vulnerability
2022-05-13 01:38:23
PYSEC-2019-150
2019-01-10 21:29:00
prion
prion
Cross site scripting
2019-01-10 21:29:00
nessus
nessus
Fedora 26 : bodhi (2017-48f0384090)
2017-08-21 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: bodhi-2.9.1-1.fc26
2017-08-20 18:36:24
cve
cve
CVE-2017-1002152
2022-10-03 16:22:52
github
github
Bodhi Cross-site Scripting Vulnerability
2022-05-13 01:38:23
nvd
nvd
CVE-2017-1002152
2019-01-10 21:29:00
openvas
openvas
Fedora Update for bodhi FEDORA-2017-48f0384090
2017-08-21 00:00:00
cvelist
cvelist
CVE-2017-1002152
2022-10-03 16:22:52