CVE-2019-3889
published 2019-07-11CVE-2019-3889: A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11. An attacker could use this flaw to steal authorization data by getting them to click on a malicious link.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_hat | atomic-openshift | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform | 3.4 – 3.7 | — |
| redhat | openshift_container_platform | 3.9 – 3.11 | — |