0.001 Low
EPSS
Percentile
33.8%
pki-core is vulnerable to cross-site scripting (XSS). An attacker could inject a specially crafted value that will be executed on the victim’s browser if an attacker has a valid nonce.
access.redhat.com/errata/RHSA-2021:0851
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1710171
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146