Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page. This attack appears to be exploitable via the victim browsing the web console.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://xiaofen9.github.io/blog/floodlight-rce/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-04-18T19:00:00
Updated: 2024-08-05T12:33:49.312Z
Reserved: 2018-03-30T00:00:00
Link: CVE-2018-1000163
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-04-18T19:29:00.660
Modified: 2024-11-21T03:39:49.690
Link: CVE-2018-1000163
Redhat
No data.