Date: Mon, 24 Oct 2022 17:11:25 +0000 From: Dan Smith <dasmith@...are.com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> CC: "dev@...de.apache.org" <dev@...de.apache.org> Subject: CVE-2022-34870: Apache Geode stored Cross-Site Scripting (XSS) via data injection vulnerability in Pulse web application Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries. This issue is being tracked as GEODE-10411
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.