CVE-2020-1760

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Ceph Object Gateway (affected versions not specified)

Description The issue is related to the Ceph Object Gateway, which supports requests from anonymous users in Amazon S3. This could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input. The flaw may allow a remote attacker to impact data integrity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2020-1757

ALT-PU-2020-1769

ALT-PU-2020-2845

ALT-PU-2021-1830

ALT-PU-2021-2332

BDU:2021-03733

BIT-CEPH-2020-1760

CVE-2020-1760

DLA-2171-1

DLA-2735-1

DLA-3629-1

OESA-2021-1317

OPENSUSE-SU-2020:0494-1

OPENSUSE-SU-2020_0494-1

OPENSUSE-SU-2024:10676-1

RHSA-2020:3003

SUSE-SU-2020:0930-1

SUSE-SU-2020:0962-1

SUSE-SU-2020_0962-1

USN-4528-1

Affected Products

Alt Linux

Ceph Object Gateway

Suse

Ubuntu

CVE-2020-1760

Weakness Enumeration

Related Identifiers

Affected Products

References · 45