CVE-2019-3889

Summary

A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11. An attacker could use this flaw to steal authorization data by getting them to click on a malicious link.

Affected Software

VendorProductVersion RangeStatus
Red Hatatomic-openshiftopenshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11affected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References