CVE-2018-1000163

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1000163
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000163.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1000163
Published
2018-04-18T19:29:00Z
Modified
2024-09-03T02:01:38.521875Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page. This attack appears to be exploitable via the victim browsing the web console.

References

Affected packages

Git / github.com/floodlight/floodlight

Affected ranges

Type
GIT
Repo
https://github.com/floodlight/floodlight
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v0.*

v0.8
v0.85
v0.90

v1.*

v1.0
v1.1
v1.2