CVE-2021-3914

It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:build_of_quarkus:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:text-only:*:*:*
cpe:2.3:a:redhat:openshift_application_runtimes:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:smallrye_health:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-25 20:15

Updated : 2024-02-28 19:29


NVD link : CVE-2021-3914

Mitre link : CVE-2021-3914

CVE.ORG link : CVE-2021-3914


JSON object : View

Products Affected

redhat

  • openshift_application_runtimes
  • smallrye_health
  • build_of_quarkus
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')