CVE-2017-18635

medium

Description

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

References

https://usn.ubuntu.com/4522-1/

https://lists.debian.org/debian-lts-announce/2021/12/msg00024.html

https://lists.debian.org/debian-lts-announce/2019/10/msg00004.html

https://github.com/novnc/noVNC/releases/tag/v0.6.2

https://github.com/novnc/noVNC/issues/748

https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534

https://github.com/ShielderSec/cve-2017-18635

https://bugs.launchpad.net/horizon/+bug/1656435

https://access.redhat.com/errata/RHSA-2020:0754

Details

Source: Mitre, NVD

Published: 2019-09-25

Updated: 2022-04-06

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N