A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2020-04-23 15:15
Updated : 2024-11-21 05:11
NVD link : CVE-2020-1760
Mitre link : CVE-2020-1760
CVE.ORG link : CVE-2020-1760
JSON object : View
Products Affected
redhat
- openshift_container_platform
- ceph_storage
fedoraproject
- fedora
debian
- debian_linux
canonical
- ubuntu_linux
linuxfoundation
- ceph
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')