PT-2018-14823 · Squid+2 · Squid+3

Nikolas Lohmann

·

Publicado

2018-11-09

·

Atualizado

2024-06-15

·

CVE-2018-19131

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Squid versions prior to 4.4
Description The issue is related to a crafted X.509 certificate that can cause XSS during HTTP(S) error page generation for certificate errors.
Recommendations For versions prior to 4.4, update to version 4.4 or later to resolve the issue.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

ALT-PU-2018-2718
CVE-2018-19131
MGASA-2018-0458
OPENSUSE-SU-2018_3818-1
OPENSUSE-SU-2018_3825-1
OPENSUSE-SU-2024:11403-1
SUSE-SU-2018:3771-1
SUSE-SU-2018:3771-2
SUSE-SU-2018:3786-1
SUSE-SU-2018:3790-1
SUSE-SU-2018_3771-1
SUSE-SU-2018_3771-2
SUSE-SU-2018_3786-1
SUSE-SU-2018_3790-1

Produtos afetados

Alt Linux
Squid
Squid Cache
Suse