Security Advisory

CVE-2024-10086

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-30 21:21:46

Last updated 2025-01-10 13:06:42

Assigner HashiCorp

State PUBLISHED

Description

A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.

← Browse all CVEs View on cve.org ↗