CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15855
https://notcve.org/view.php?id=CVE-2020-15855
Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1. En Bodhi versión 5.6.1, han sido corregidas dos vulnerabilidades de tipo cross-site scripting • https://pyup.io/packages/pypi/bodhi/changelog#5.6.1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-1002152
https://notcve.org/view.php?id=CVE-2017-1002152
Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles. Bodhi, en versiones 2.9.0 e inferiores, es vulnerable a Cross-Site Scripting (XSS), lo que resulta en la inyección de código provocada por la validación incorrecta de títulos de error. • https://github.com/fedora-infra/bodhi/issues/1740 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •