Lucene search
RedhatCVELIST:CVE-2022-3205HistorySep 13, 2022 - 7:19 p.m.
CVE-2022-3205 Controller: cross site scripting in automation controller ui
2022-09-1319:19:46
CWE-79
redhat
www.cve.org
5
cve-2022-3205
controller
automation controller ui
red hat ansible
xss injection
CVSS3
4.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
33.5%
Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Ansible Automation Platform 1.2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ansible-tower",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Ansible Automation Platform 2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "automation-controller",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
]
}
]Related
redhatcve
redhatcve
CVE-2022-3205
2022-09-13 15:13:12
nvd
nvd
CVE-2022-3205
2022-09-13 20:15:09
prion
prion
Cross site scripting
2022-09-13 20:15:00
cve
cve
CVE-2022-3205
2022-09-13 20:15:09
CVSS3
4.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
33.5%
Related for CVELIST:CVE-2022-3205