CVE-2017-2661

Published: Mar 12, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site scripting vulnerability due to improper validation of Node name field when creating new cluster or adding existing cluster.

Vendor	Product	Versions
ClusterLabs	pcs	affected `0.9.157`

Weaknesses (CWE)

CWE-79

References

https://github.com/ClusterLabs/pcs/commit/1874a769b5720ae5430f10c6cedd234430bc703f

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1428948

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-2661

Description

Affected Products

Weaknesses (CWE)

References