CVE-2019-10221

Priority
Description
A Reflected Cross Site Scripting vulnerability was found in all pki-core
10.x.x versions, where the pki-ca module from the pki-core server. This
flaw is caused by missing sanitization of the GET URL parameters. An
attacker could abuse this flaw to trick an authenticated user into clicking
a specially crafted link which can execute arbitrary code when viewed in a
browser.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):needs-triage
Ubuntu 20.10 (Groovy Gorilla):needs-triage
More Information

Updated: 2020-09-09 22:37:03 UTC (commit b67d7d8b03f173f825cd706df5bd078bca500b0e)