Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 24 Oct 2022 17:11:25 +0000
From: Dan Smith <dasmith@...are.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
CC: "dev@...de.apache.org" <dev@...de.apache.org>
Subject: CVE-2022-34870: Apache Geode stored Cross-Site Scripting (XSS) via
 data injection vulnerability in Pulse web application 

Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.

This issue is being tracked as GEODE-10411

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.