CVE-2024-10033: A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to…

medium6.1CVSS 3.1

AVNACLPRNUIRSCCLILAN

A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the "?next=" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data.

Affected

3 ranges

Vendor	Product	Version range	Fixed in
redhat	ansible_automation_platform	—	—
redhat	ansible_developer	—	—
redhat	ansible_inside	—	—