Security Advisory

CVE-2019-10085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-18 23:07:22

Last updated 2024-08-04 22:10:09

Assigner apache

State PUBLISHED

Description

In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page.

← Browse all CVEs View on cve.org ↗