Vulnerabilities (CVE)

Filtered by vendor Novnc Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18635 4 Canonical, Debian, Novnc and 1 more 4 Ubuntu Linux, Debian Linux, Novnc and 1 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.