Ceph · Ceph Object Gateway · CVE-2020-1760
**Name of the Vulnerable Software and Affected Versions**
Ceph Object Gateway (affected versions not specified)
**Description**
The issue is related to the Ceph Object Gateway, which supports requests from anonymous users in Amazon S3. This could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input. The flaw may allow a remote attacker to impact data integrity.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.