Page 2 of 11 results (0.002 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11651
https://notcve.org/view.php?id=CVE-2018-11651
01 Jun 2018 — Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx. Graylog en versiones anteriores a la v2.4.4 tiene un problema de seguridad de Cross-Site Scripting (XSS) con texto no escapado en los nombres de los dashboards. Esto está relacionado con components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx y pages/ShowDashboardPage.jsx. • https://github.com/Graylog2/graylog2-server/pull/4739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •