| ID | CVE-2019-10756 | ||||||
| Sažetak | It is possible to inject JavaScript within node-red-dashboard versions prior to version 2.17.0 due to the ui_notification node accepting raw HTML by default. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:S/C:N/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 17-10-2019 - 18:30 | ||||||
| Objavljeno | 08-10-2019 - 19:15 |

