CVE-2019-3686

Summary

openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security

Affected Software

VendorProductVersion RangeStatus
SUSEopenQAunspecified < c172e8883d8f32fced5e02f9b6faaacc913df27baffected

Weaknesses

  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References