A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting (XSS) if the script code is included in a small subset of table cells. The only known potential exploit is if the script is included in the name of a Kubernetes “Role” object* that is applied to a secured cluster. This object can be used by a user with access to the cluster or through a compromised third-party product.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:LRed Hat Advanced Cluster Security
APPRedhat4.0Stackrox
APPStackroxwszystkie wersje
Powiązane podatności
A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly s...
A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafte...
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, al...
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP headers were missin...
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)