Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:23349
HistoryApr 10, 2020 - 12:23 a.m.

Cross-site Scripting (XSS)

2020-04-1000:23:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7

0.001 Low

EPSS

Percentile

32.1%

JSON

setroubleshoot is vulnerable to cross-site scripting (XSS). The vulnerability exists as a flaw was found in the way sealert displayed records from the setroubleshoot database as unescaped HTML. An local unprivileged attacker could cause AVC denial events with carefully crafted process or file names, injecting arbitrary HTML tags into the logs, which could be used as a scripting attack, or to confuse the user running sealert.

Related

prion 1
nvd 1
cve 1
cvelist 1
nessus 3
openvas 3
oraclelinux 1
redhat 1
prion
prion
Cross site scripting
2008-05-23 15:32:00
nvd
nvd
CVE-2007-5496
2008-05-23 15:32:00
cve
cve
CVE-2007-5496
2008-05-23 15:32:00
cvelist
cvelist
CVE-2007-5496
2008-05-23 14:00:00
nessus
nessus
Scientific Linux Security Update : setroubleshoot on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 5 : setroubleshoot (RHSA-2008:0061)
2008-05-22 00:00:00
Oracle Linux 5 : setroubleshoot (ELSA-2008-0061)
2023-09-07 00:00:00
openvas
openvas
RedHat Update for setroubleshoot RHSA-2008:0061-02
2009-03-06 00:00:00
RedHat Update for setroubleshoot RHSA-2008:0061-02
2009-03-06 00:00:00
Oracle: Security Advisory (ELSA-2008-0061)
2015-10-08 00:00:00
oraclelinux
oraclelinux
setroubleshoot security and bug fix update
2008-05-30 00:00:00
redhat
redhat
(RHSA-2008:0061) Moderate: setroubleshoot security and bug fix update
2008-05-20 00:00:00

0.001 Low

EPSS

Percentile

32.1%

JSON
Related for VERACODE:23349
prion1nvd1cve1cvelist1nessus3openvas3oraclelinux1redhat1