In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2019-06-18T23:07:22
Updated: 2019-06-19T17:06:02
Reserved: 2019-03-26T00:00:00
Link: CVE-2019-10085
JSON object: View
NVD Information
Status : Modified
Published: 2019-06-19T00:15:12.313
Modified: 2023-11-07T03:02:22.630
Link: CVE-2019-10085
JSON object: View
Redhat Information
No data.
CWE