obs: Stored XSS
CVE-2020-8031
6.3MEDIUM
What is CVE-2020-8031?
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Open Build Service allows remote attackers to store JS code in markdown that is not properly escaped, impacting confidentiality and integrity. This issue affects: Open Build Service versions prior to 2.10.8.
Affected Version(s)
Open Build Service Open Build Service < 2.10.8