PT-2023-25659 · Jaegertracing · Jaeger Ui

Ngo

Publicado

2023-07-17

Atualizado

2023-07-27

CVE-2023-36656

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Jaegertracing Jaeger UI versions prior to 1.31.0

Description A Cross Site Scripting (XSS) issue allows a remote attacker to execute arbitrary code via the KeyValuesTable component.

Recommendations For versions prior to 1.31.0, update to version 1.31.0 or later to resolve the issue.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2023-36656

GHSA-VV24-RM95-Q56R

Jaeger Ui