Bug 2120597 (CVE-2022-3205) - CVE-2022-3205 Controller: Cross site scripting in automation controller UI
Summary: CVE-2022-3205 Controller: Cross site scripting in automation controller UI
Keywords:
Status: NEW
Alias: CVE-2022-3205
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2120599 2120600
Blocks: 2115964
TreeView+ depends on / blocked
 
Reported: 2022-08-23 11:21 UTC by Vipul Nair
Modified: 2025-05-15 08:28 UTC (History)
21 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Vipul Nair 2022-08-23 11:21:04 UTC 
An XSS exists in  automation controller UI where the project name is susceptible to XSS injection.POC and INC ticket below
Note You need to log in before you can comment on or make changes to this bug.