CVE-2018-10854

Description

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10854

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3