CVE-2019-11556
published 2020-09-25CVE-2019-11556: Pagure before 5.6 allows XSS via the templates/blame.html blame view.
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Pagure before 5.6 allows XSS via the templates/blame.html blame view.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pagure | — | — |
| opensuse | backports_sle | — | — |
| opensuse | leap | — | — |
| redhat | pagure | < 5.6 | 5.6 |
| redhat | pagure | >= 0 < 5.8.1+dfsg-3 | 5.8.1+dfsg-3 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM