REDHAT-BUG-2126353: XSS
First published: Tue Sep 13 2022(Updated: )
An HTML injection/reflected XSS vulnerability is found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry allowing the vulnerability to trigger on the Windows Service Accounts home pages. Several filtering and escaping techniques can be used to mitigate these input validation vulnerabilities.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat oVirt Engine |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/weakness
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-3193
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat ovirt engine