CVE-2020-9299

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-9299
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-9299.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-9299
Published
2020-11-09T15:15:13.680Z
Modified
2026-04-10T04:28:40.642976Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user.

References

Affected packages

Git / github.com/netflix/dispatch

Affected ranges

Type
GIT
Repo
https://github.com/netflix/dispatch
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3f6d5b74c166456e26c809b134357f0ecc265a76
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "20201106"
        }
    ]
}

Affected versions

Other
v20200421
v20200922
v20201001
v20201013
v20201027
v20200922.*
v20200922.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-9299.json"