A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://change.sos-berlin.com/browse/JOC-854 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-05T20:22:34
Updated: 2024-08-04T09:11:05.130Z
Reserved: 2020-01-13T00:00:00
Link: CVE-2020-6854
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-02-05T21:15:11.640
Modified: 2020-02-07T17:23:47.147
Link: CVE-2020-6854
Redhat
No data.