0.001 Low
EPSS
Percentile
34.0%
pki-core vulnerable to cross-site scripting. The vulnerability exists due to a flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request.
access.redhat.com/errata/RHSA-2021:0851
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1777579