VDB

CVE-2020-10715

CVE-2020-10715 PUBLISHED

Reported by redhat · Published September 16, 2020

A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. This attack could potentially convince a user that the inserted text is legitimate.

Affected Products

VendorProductVersions
n/aopenshift/console3.11 and 4.x
github.comopenshift/builder/pkg/build/builderv3.11, v4.0, v3.11
n/aopenshift/console3.11 and 4.x, *

Timeline

  • Sep 16, 2020 CVE Published
  • Sep 28, 2020 CVE Updated
  • Apr 14, 2021 EPSS Score
  • Jun 22, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 25, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 27, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 2, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›