Stored Cross Site Scripting Vulnerability in pki-core by Red Hat
CVE-2019-10180

2.4LOW

Key Information:

Vendor: [unknown]
Status: Pki-core
Vendor: CVE Published:; 31 March 2020

What is CVE-2019-10180?

A vulnerability in pki-core 10.x.x versions has been identified, where the Token Processing Service (TPS) fails to adequately sanitize parameters stored for tokens. This flaw allows an attacker with the ability to modify token parameters to potentially exploit an authenticated user's session by executing arbitrary JavaScript code, leading to potential compromises in user data and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

pki-core all pki-core 10.x.x versions

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10180

x_refsource_CONFIRM

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2020
Vulnerability Reserved
Mar 27, 2019

JSON

[unknown]