Security Advisory

CVE-2022-23053

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-20 19:00:15

Last updated 2024-08-03 03:28:43

Assigner Mend

State PUBLISHED

Description

Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the “Condition Widget” element, that allows the injection of malicious JavaScript into the ‘URL’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.

← Browse all CVEs View on cve.org ↗