CVE-2020-10944

Publication date

2020-04-28 13:29:50

Family

mitre

State

PUBLISHED

Description

HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. Fixed in 0.10.5.