VDB
GCVE-110-MAGEIA-2020-374
GCVE-110-MAGEIA-2020-374
Advisory Published
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote
VNC server could inject arbitrary HTML into the noVNC web page via the messages
propagated to the status field, such as the VNC server name. (CVE-2017-18635)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | novnc | 0 (affected), 0.5.1-2.1.mga7 (unaffected) | — |
Aliases
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.