CVE-2018-10854

Summary

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.

Affected Software

VendorProductVersion RangeStatus
Red Hatcloudformscloudforms 5.8 and cloudforms 5.9affected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References