Red Hat OpenShift Container Platform is prone to cross site scripting vulnerability. This occurred as the system failed to properly sanitise user supplied input.This can easily be exploited by an attacker to steal cookie- based authentication credentials and launch other attacks.
CVE-2019-3889
The affected versions are :-
Redhat OpenShift Container Platform 3.9
Redhat OpenShift Container Platform 3.7
Redhat OpenShift Container Platform 3.6
Redhat OpenShift Container Platform 3.5
Redhat OpenShift Container Platform 3.4
Redhat OpenShift Container Platform 3.11
Redhat OpenShift Container Platform 3.10
Redhat Openshift Container Platform found to have Cross Site Scripting Vulnerability
- Prophaze WAF
- July 9, 2019
- 9:46 am
Facebook
Twitter
LinkedIn
Recent Posts
Follow Us
zzcms 2018 template_user.php ml/title code injection
August 26, 2021
No Comments
A vulnerability was found in zzcms 2018 (Content Management System) and classified as critical. This issue affects an unknown function
ZyXEL VPN2S 1.12 Web Server path traversal
September 29, 2021
No Comments
A vulnerability classified as problematic was found in ZyXEL VPN2S 1.12. Affected by this vulnerability is an unknown part of
Zyxel VPN2S 1.12 CGI Program os command injection
September 29, 2021
No Comments
A vulnerability has been found in Zyxel VPN2S 1.12 and classified as critical. This vulnerability affects some unknown processing of
Zyxel USG/USG Flex/Zywall/ATP/VPN up to 4.64 Web-based Management Interface improper authentication
July 2, 2021
No Comments
A vulnerability was found in Zyxel USG, USG Flex, Zywall, ATP and VPN up to 4.64 (Firewall Software). It has
ZyXEL GS1900-8 2.60 LLDP Packet cross site scripting
July 26, 2021
No Comments
A vulnerability was found in ZyXEL GS1900-8 2.60. It has been classified as problematic. This affects an unknown code of
Zynamics BinDiff up to 6 i64 File use after free
June 30, 2021
No Comments
A vulnerability, which was classified as critical, has been found in Zynamics BinDiff up to 6. This issue affects an
Web Application Firewall Solution
CVE-2024-26922 : LINUX KERNEL UP TO 6.9-RC4 AMDGPU PRIVILEGE ESCALATION
April 24, 2024
No Comments
Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more
What Is SlowLoris DDoS Attacks?
April 24, 2024
No Comments
Slow Loris attacks are a type of stealthy, low-and-slow layer 7 Distributed Denial of Service (DDoS) attack that targets web
CVE-2024-21511 : MYSQL2 UP TO 3.9.6 READCODEFOR TIMEZONE CODE INJECTION
April 23, 2024
No Comments
Description Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the