VDB

RHSA-2023%3A6837

RHSA-2023%3A6837 PUBLISHED CVSS 6.099999904632568 MEDIUM

A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim's cookie-based authentication credentials.

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-multus-route-override-cni-rhel8@sha256:b4cdd0e77a6e0cded703addf8f40293fa6bbbe7bcf02cc87e2eabea2c6ce1221_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-multus-route-override-cni-rhel8@sha256:b4cdd0e77a6e0cded703addf8f40293fa6bbbe7bcf02cc87e2eabea2c6ce1221_amd64, openshift4/ose-multus-route-override-cni-rhel8@sha256:b4cdd0e77a6e0cded703addf8f40293fa6bbbe7bcf02cc87e2eabea2c6ce1221_amd64
Red Hatopenshift4/ose-etcd-rhel9@sha256:6411534bf480911dbb2ec9792502d45e771f92d5e3b91f572dbf4162312ba280_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-etcd-rhel9@sha256:6411534bf480911dbb2ec9792502d45e771f92d5e3b91f572dbf4162312ba280_amd64, openshift4/ose-etcd-rhel9@sha256:6411534bf480911dbb2ec9792502d45e771f92d5e3b91f572dbf4162312ba280_amd64, *
Red Hatopenshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:8df6040633c5fc3f9cbefe36521ed343aebd8b381b66b90e32979a5774ed69e3_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:8df6040633c5fc3f9cbefe36521ed343aebd8b381b66b90e32979a5774ed69e3_s390x, openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:8df6040633c5fc3f9cbefe36521ed343aebd8b381b66b90e32979a5774ed69e3_s390x, openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:8df6040633c5fc3f9cbefe36521ed343aebd8b381b66b90e32979a5774ed69e3_s390x
Red Hatopenshift4/ose-container-networking-plugins-rhel8@sha256:94bb78f9612529cafc144ec2f37780e8124b7cad4dd3a0d03d4b2cd39f0744b2_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-container-networking-plugins-rhel8@sha256:94bb78f9612529cafc144ec2f37780e8124b7cad4dd3a0d03d4b2cd39f0744b2_ppc64le, openshift4/ose-container-networking-plugins-rhel8@sha256:94bb78f9612529cafc144ec2f37780e8124b7cad4dd3a0d03d4b2cd39f0744b2_ppc64le, openshift4/ose-container-networking-plugins-rhel8@sha256:94bb78f9612529cafc144ec2f37780e8124b7cad4dd3a0d03d4b2cd39f0744b2_ppc64le
Red Hatopenshift4/ose-baremetal-runtimecfg-rhel8@sha256:fc4e6fe57f5d1ddbd816449e9b73ccc326d133de76bfd6d6683cf3a21a43a135_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fc4e6fe57f5d1ddbd816449e9b73ccc326d133de76bfd6d6683cf3a21a43a135_amd64, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fc4e6fe57f5d1ddbd816449e9b73ccc326d133de76bfd6d6683cf3a21a43a135_amd64, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:fc4e6fe57f5d1ddbd816449e9b73ccc326d133de76bfd6d6683cf3a21a43a135_amd64
Red Hatopenshift4/ose-cluster-network-operator@sha256:a40fc8163c3b84cdf8f7053d88ad8e61435d591595af68a335e4a11a544271ca_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, *, *
Red Hatopenshift4/ose-csi-livenessprobe@sha256:7944a1c63ce9585b1eede1ef616bc693a6b04d51527fadc2198ff2618c336270_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-livenessprobe@sha256:7944a1c63ce9585b1eede1ef616bc693a6b04d51527fadc2198ff2618c336270_amd64, openshift4/ose-csi-livenessprobe@sha256:7944a1c63ce9585b1eede1ef616bc693a6b04d51527fadc2198ff2618c336270_amd64, *
Red Hatopenshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:b12d41e3ab2655148115e3d009240753d382aff2d38be25bebaea06310d9c0fa_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:b12d41e3ab2655148115e3d009240753d382aff2d38be25bebaea06310d9c0fa_arm64, *, *
Red Hatopenshift4/ose-cluster-config-operator@sha256:8e5cb6963ea25d64183f401a8d972051481b6f522051904b0571d6db851fa3f0_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-config-operator@sha256:8e5cb6963ea25d64183f401a8d972051481b6f522051904b0571d6db851fa3f0_arm64, openshift4/ose-cluster-config-operator@sha256:8e5cb6963ea25d64183f401a8d972051481b6f522051904b0571d6db851fa3f0_arm64, *
Red Hatopenshift4/ose-cloud-credential-operator@sha256:7d7e38b628c7e4fa63b133e63e417be1fd0afac7862151df6333e85979a8c78e_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-cloud-credential-operator@sha256:7d7e38b628c7e4fa63b133e63e417be1fd0afac7862151df6333e85979a8c78e_ppc64le, openshift4/ose-cloud-credential-operator@sha256:7d7e38b628c7e4fa63b133e63e417be1fd0afac7862151df6333e85979a8c78e_ppc64le
Red Hatopenshift4/ose-docker-builder@sha256:eee6a8305bf7afe20592627deb33e5c3be6f1d24f6d1b551eb987d1d4627f0c3_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-docker-builder@sha256:eee6a8305bf7afe20592627deb33e5c3be6f1d24f6d1b551eb987d1d4627f0c3_s390x, *, openshift4/ose-docker-builder@sha256:eee6a8305bf7afe20592627deb33e5c3be6f1d24f6d1b551eb987d1d4627f0c3_s390x
Red Hatopenshift4/ose-cluster-baremetal-operator-rhel8@sha256:d483973f0ad91eba4bcef4407ed96aa4b75a6a87ae71b6761b3c0e582a124792_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-baremetal-operator-rhel8@sha256:d483973f0ad91eba4bcef4407ed96aa4b75a6a87ae71b6761b3c0e582a124792_amd64, *, openshift4/ose-cluster-baremetal-operator-rhel8@sha256:d483973f0ad91eba4bcef4407ed96aa4b75a6a87ae71b6761b3c0e582a124792_amd64
Red Hatopenshift4/openshift-route-controller-manager-rhel8@sha256:12fe69f184e4f6fa1df681137698459fbdb1110ae24f021f6a24f131f1f41355_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/openshift-route-controller-manager-rhel8@sha256:12fe69f184e4f6fa1df681137698459fbdb1110ae24f021f6a24f131f1f41355_ppc64le, openshift4/openshift-route-controller-manager-rhel8@sha256:12fe69f184e4f6fa1df681137698459fbdb1110ae24f021f6a24f131f1f41355_ppc64le, *
Red Hatopenshift4/ose-prometheus@sha256:d50a4373035df9c5c7ce46bf5212296ac0c8aa3dc847b9211ebcc05c78790f20_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, *, *
Red Hatopenshift4/ose-csi-snapshot-controller-rhel8@sha256:9917d3ae82bc2084a5b6612f1446927529032625c3bee5f8adbeb65eea988cea_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-snapshot-controller-rhel8@sha256:9917d3ae82bc2084a5b6612f1446927529032625c3bee5f8adbeb65eea988cea_ppc64le, openshift4/ose-csi-snapshot-controller-rhel8@sha256:9917d3ae82bc2084a5b6612f1446927529032625c3bee5f8adbeb65eea988cea_ppc64le, *
Red Hatopenshift4/ose-csi-external-resizer-rhel8@sha256:dcf4b0aee536487f72e58386fd1212f03dbf1bbd1120de7e79e02adac91b4046_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-external-resizer-rhel8@sha256:dcf4b0aee536487f72e58386fd1212f03dbf1bbd1120de7e79e02adac91b4046_ppc64le, *, openshift4/ose-csi-external-resizer-rhel8@sha256:dcf4b0aee536487f72e58386fd1212f03dbf1bbd1120de7e79e02adac91b4046_ppc64le
Red Hatopenshift4/ose-cluster-etcd-rhel8-operator@sha256:9e6202f41a928101f291e6defbc722aed841d81cd95cd36bff8cf486ba217ede_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-etcd-rhel8-operator@sha256:9e6202f41a928101f291e6defbc722aed841d81cd95cd36bff8cf486ba217ede_ppc64le, *, openshift4/ose-cluster-etcd-rhel8-operator@sha256:9e6202f41a928101f291e6defbc722aed841d81cd95cd36bff8cf486ba217ede_ppc64le
Red Hatopenshift4/ose-monitoring-plugin-rhel8@sha256:a19a419b9c063b094ffd5429da46a14932725d2b369f33cde7c5e86c8a6eddc9_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-monitoring-plugin-rhel8@sha256:a19a419b9c063b094ffd5429da46a14932725d2b369f33cde7c5e86c8a6eddc9_ppc64le, openshift4/ose-monitoring-plugin-rhel8@sha256:a19a419b9c063b094ffd5429da46a14932725d2b369f33cde7c5e86c8a6eddc9_ppc64le, *
Red Hatopenshift4/ose-monitoring-plugin-rhel8@sha256:eef95d7fa962e8b5dc8ae7286304cbe578e20ff8cfde9e8127cda6ac0f3b8538_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-monitoring-plugin-rhel8@sha256:eef95d7fa962e8b5dc8ae7286304cbe578e20ff8cfde9e8127cda6ac0f3b8538_amd64, *, *
Red Hatrhcos@sha256:7a202d4cba8b5a70d362c7293d20c93c9955cad28d8fdfbd0c14d682b7ebdb46_x86_64 as a component of Red Hat OpenShift Container Platform 4.14rhcos@sha256:7a202d4cba8b5a70d362c7293d20c93c9955cad28d8fdfbd0c14d682b7ebdb46_x86_64, *, rhcos@sha256:7a202d4cba8b5a70d362c7293d20c93c9955cad28d8fdfbd0c14d682b7ebdb46_x86_64

…and 1303 more

Timeline

  • Nov 15, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 21, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›