Security Advisory

CVE-2020-15391

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-23 19:45:02

Last updated 2024-08-04 13:15:20

Assigner mitre

State PUBLISHED

Description

The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. This leads to remote code execution.

← Browse all CVEs View on cve.org ↗