VDB

RHSA-2023%3A7198

RHSA-2023%3A7198 PUBLISHED CVSS 6.099999904632568 MEDIUM

A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim's cookie-based authentication credentials.

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-csi-external-snapshotter-rhel9@sha256:dbc1d01c07d82ef9de2a5aadfe829fa2fbc4e3c502d55285d80fba2cdf9e2e9e_ppc64le as a component of Red Hat OpenShift Container Platform 4.15*, *, openshift4/ose-csi-external-snapshotter-rhel9@sha256:dbc1d01c07d82ef9de2a5aadfe829fa2fbc4e3c502d55285d80fba2cdf9e2e9e_ppc64le
Red Hatopenshift4/ose-cluster-baremetal-operator-rhel9@sha256:604f501ad4812c8583c2899bdee750db2b60fa472a0f72432a0ed34fc8eed703_s390x as a component of Red Hat OpenShift Container Platform 4.15*, openshift4/ose-cluster-baremetal-operator-rhel9@sha256:604f501ad4812c8583c2899bdee750db2b60fa472a0f72432a0ed34fc8eed703_s390x, openshift4/ose-cluster-baremetal-operator-rhel9@sha256:604f501ad4812c8583c2899bdee750db2b60fa472a0f72432a0ed34fc8eed703_s390x
Red Hatopenshift4/egress-router-cni-rhel8@sha256:6c9d4266fc3a81515821436c68eac1e8e4e233fea923b8126998bf08038511af_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/egress-router-cni-rhel8@sha256:6c9d4266fc3a81515821436c68eac1e8e4e233fea923b8126998bf08038511af_s390x, openshift4/egress-router-cni-rhel8@sha256:6c9d4266fc3a81515821436c68eac1e8e4e233fea923b8126998bf08038511af_s390x, openshift4/egress-router-cni-rhel8@sha256:6c9d4266fc3a81515821436c68eac1e8e4e233fea923b8126998bf08038511af_s390x
Red Hatopenshift4/ose-multus-route-override-cni-rhel8@sha256:1f11d4136361a538d480b5106e3109643fffea79627f0f82a0d9463034cbf78f_arm64 as a component of Red Hat OpenShift Container Platform 4.15*, openshift4/ose-multus-route-override-cni-rhel8@sha256:1f11d4136361a538d480b5106e3109643fffea79627f0f82a0d9463034cbf78f_arm64, openshift4/ose-multus-route-override-cni-rhel8@sha256:1f11d4136361a538d480b5106e3109643fffea79627f0f82a0d9463034cbf78f_arm64
Red Hatopenshift4/ovirt-csi-driver-rhel8-operator@sha256:992c86825442e7e4801bdadad814cd8afca08d9f693da55320307418349e1f3c_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/ovirt-csi-driver-rhel8-operator@sha256:992c86825442e7e4801bdadad814cd8afca08d9f693da55320307418349e1f3c_s390x, *, *
Red Hatopenshift4/ose-prometheus-config-reloader-rhel9@sha256:298020c336fdce989b516f29065932da3e4287f0b15c3c8dd811cedaf041d372_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-prometheus-config-reloader-rhel9@sha256:298020c336fdce989b516f29065932da3e4287f0b15c3c8dd811cedaf041d372_s390x, openshift4/ose-prometheus-config-reloader-rhel9@sha256:298020c336fdce989b516f29065932da3e4287f0b15c3c8dd811cedaf041d372_s390x, *
Red Hatopenshift4/ose-haproxy-router@sha256:d13a78f6da1a924beb5178da7e509335a38a918474f1b6f791dcdfd6d93239a4_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-haproxy-router@sha256:d13a78f6da1a924beb5178da7e509335a38a918474f1b6f791dcdfd6d93239a4_amd64, openshift4/ose-haproxy-router@sha256:d13a78f6da1a924beb5178da7e509335a38a918474f1b6f791dcdfd6d93239a4_amd64, openshift4/ose-haproxy-router@sha256:d13a78f6da1a924beb5178da7e509335a38a918474f1b6f791dcdfd6d93239a4_amd64
Red Hatopenshift4/ose-cluster-config-api-rhel9@sha256:56226e2f354f1a12bf7dbed08a73e27e18600d3e79b3ea0542c0f32508ee52dc_amd64 as a component of Red Hat OpenShift Container Platform 4.15*, openshift4/ose-cluster-config-api-rhel9@sha256:56226e2f354f1a12bf7dbed08a73e27e18600d3e79b3ea0542c0f32508ee52dc_amd64, openshift4/ose-cluster-config-api-rhel9@sha256:56226e2f354f1a12bf7dbed08a73e27e18600d3e79b3ea0542c0f32508ee52dc_amd64
Red Hatopenshift4/ose-multus-cni@sha256:6981758a122958778a84a568977df38c643f9068b4bbd573134127f330c3cb45_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-multus-cni@sha256:6981758a122958778a84a568977df38c643f9068b4bbd573134127f330c3cb45_amd64, openshift4/ose-multus-cni@sha256:6981758a122958778a84a568977df38c643f9068b4bbd573134127f330c3cb45_amd64, openshift4/ose-multus-cni@sha256:6981758a122958778a84a568977df38c643f9068b4bbd573134127f330c3cb45_amd64
Red Hatopenshift4/ose-cluster-kube-storage-version-migrator-rhel9-operator@sha256:64d5a4df7b9f9b7a0c272b09a1e9269821a67e533daf060de35ea1140ec5e057_ppc64le as a component of Red Hat OpenShift Container Platform 4.15*, openshift4/ose-cluster-kube-storage-version-migrator-rhel9-operator@sha256:64d5a4df7b9f9b7a0c272b09a1e9269821a67e533daf060de35ea1140ec5e057_ppc64le, openshift4/ose-cluster-kube-storage-version-migrator-rhel9-operator@sha256:64d5a4df7b9f9b7a0c272b09a1e9269821a67e533daf060de35ea1140ec5e057_ppc64le
Red Hatopenshift4/ose-openstack-cloud-controller-manager-rhel9@sha256:a2cc8b0c8ee7d119a49b7b7464ae2622f2e68a0c649aa5f7e4faea96013f1489_s390x as a component of Red Hat OpenShift Container Platform 4.15*, openshift4/ose-openstack-cloud-controller-manager-rhel9@sha256:a2cc8b0c8ee7d119a49b7b7464ae2622f2e68a0c649aa5f7e4faea96013f1489_s390x, openshift4/ose-openstack-cloud-controller-manager-rhel9@sha256:a2cc8b0c8ee7d119a49b7b7464ae2622f2e68a0c649aa5f7e4faea96013f1489_s390x
Red Hatopenshift4/ose-operator-registry-rhel9@sha256:7259b65d8ae04c89cf8c4211e4d9ddc054bb8aebc7f26fac6699b314dc40dbe3_amd64 as a component of Red Hat OpenShift Container Platform 4.15*, *, openshift4/ose-operator-registry-rhel9@sha256:7259b65d8ae04c89cf8c4211e4d9ddc054bb8aebc7f26fac6699b314dc40dbe3_amd64
Red Hatopenshift4/ose-kube-state-metrics-rhel9@sha256:7c840bf1cfbcce34df248f96497efdf48d085ae2d2fcae89d8f82609f381168e_amd64 as a component of Red Hat OpenShift Container Platform 4.15*, openshift4/ose-kube-state-metrics-rhel9@sha256:7c840bf1cfbcce34df248f96497efdf48d085ae2d2fcae89d8f82609f381168e_amd64, openshift4/ose-kube-state-metrics-rhel9@sha256:7c840bf1cfbcce34df248f96497efdf48d085ae2d2fcae89d8f82609f381168e_amd64
Red Hatopenshift4/ose-cluster-image-registry-rhel9-operator@sha256:87c91ce9fedd37a6d76e112532cc9d702c707f29b7ed5c3241a38f4122db2b2f_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-cluster-image-registry-rhel9-operator@sha256:87c91ce9fedd37a6d76e112532cc9d702c707f29b7ed5c3241a38f4122db2b2f_amd64, openshift4/ose-cluster-image-registry-rhel9-operator@sha256:87c91ce9fedd37a6d76e112532cc9d702c707f29b7ed5c3241a38f4122db2b2f_amd64, openshift4/ose-cluster-image-registry-rhel9-operator@sha256:87c91ce9fedd37a6d76e112532cc9d702c707f29b7ed5c3241a38f4122db2b2f_amd64
Red Hatopenshift4/ose-cluster-kube-cluster-api-rhel9-operator@sha256:bc1a14c2b5546549a57e95c2fa3e44e9efb4fc73d35c8adf1e3150fe13565963_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-cluster-kube-cluster-api-rhel9-operator@sha256:bc1a14c2b5546549a57e95c2fa3e44e9efb4fc73d35c8adf1e3150fe13565963_amd64, openshift4/ose-cluster-kube-cluster-api-rhel9-operator@sha256:bc1a14c2b5546549a57e95c2fa3e44e9efb4fc73d35c8adf1e3150fe13565963_amd64, openshift4/ose-cluster-kube-cluster-api-rhel9-operator@sha256:bc1a14c2b5546549a57e95c2fa3e44e9efb4fc73d35c8adf1e3150fe13565963_amd64
Red Hatopenshift4/ose-cluster-kube-scheduler-rhel9-operator@sha256:b077309e1e11f50c1805b8d430fd81e12781e2a9bbc50e4de61b8f34a5511761_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-cluster-kube-scheduler-rhel9-operator@sha256:b077309e1e11f50c1805b8d430fd81e12781e2a9bbc50e4de61b8f34a5511761_s390x, openshift4/ose-cluster-kube-scheduler-rhel9-operator@sha256:b077309e1e11f50c1805b8d430fd81e12781e2a9bbc50e4de61b8f34a5511761_s390x, openshift4/ose-cluster-kube-scheduler-rhel9-operator@sha256:b077309e1e11f50c1805b8d430fd81e12781e2a9bbc50e4de61b8f34a5511761_s390x
Red Hatopenshift4/ose-prometheus-node-exporter@sha256:2b6da183147ebef148b28a723cda9021ed1187f17635655288085b42806e48df_arm64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-prometheus-node-exporter@sha256:2b6da183147ebef148b28a723cda9021ed1187f17635655288085b42806e48df_arm64, openshift4/ose-prometheus-node-exporter@sha256:2b6da183147ebef148b28a723cda9021ed1187f17635655288085b42806e48df_arm64, openshift4/ose-prometheus-node-exporter@sha256:2b6da183147ebef148b28a723cda9021ed1187f17635655288085b42806e48df_arm64
Red Hatopenshift4/ose-cluster-olm-operator-rhel8@sha256:7f5d0890f1c9441d8ec11968d2fa94b55d94a573fd60dbbc682375af711d298f_ppc64le as a component of Red Hat OpenShift Container Platform 4.15*, *, openshift4/ose-cluster-olm-operator-rhel8@sha256:7f5d0890f1c9441d8ec11968d2fa94b55d94a573fd60dbbc682375af711d298f_ppc64le
Red Hatopenshift4/ose-cluster-samples-rhel9-operator@sha256:8f2fb4d0dbc0a8a5fd9fd9bf7502399494c9e44dc23cf6b5ddd4e6a8723400fa_ppc64le as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-cluster-samples-rhel9-operator@sha256:8f2fb4d0dbc0a8a5fd9fd9bf7502399494c9e44dc23cf6b5ddd4e6a8723400fa_ppc64le, *, *
Red Hatopenshift4/ose-cluster-kube-apiserver-rhel9-operator@sha256:b2639f2485739dc14d2ab18032302c0cff4298882515dee7b5584b0342a63bd8_amd64 as a component of Red Hat OpenShift Container Platform 4.15*, *, *

…and 1317 more

Exploit Intelligence

…and 91 more exploits

Timeline

  • Feb 27, 2024 CVE Published
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory

References

…and 1105 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›