CVE-2018-10854
published 2019-11-22CVE-2018-10854: cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_hat | cloudforms | — | — |
| redhat | cloudforms_management_engine | — | — |
| redhat | cloudforms_management_engine | — | — |
| redhat | cloudforms_management_engine | — | — |