CVE-2018-10854
6.5
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Summary
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | cloudforms | cloudforms 5.8 and cloudforms 5.9 | affected |
Weaknesses
- CWE-79: CWE-79
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.