CVE-2020-10777
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-10777
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat CloudForms 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat CloudForms是美国红帽(Red Hat)公司的一套混合基础架构管理平台。该平台可跨越虚拟机、云、容器和物理基础架构,为用户提供部署、管理等功能。 Red Hat CloudForms 4.7版本和5版本中的Report Menu存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | CloudForms | 4.7 and 5 | - |
II. Public POCs for CVE-2020-10777
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-10777
请登录查看更多情报信息。
- https://access.redhat.com/security/cve/cve-2020-10777x_refsource_MISC
- https://bugzilla.redhat.com/show_bug.cgi?id=1847605x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-10777
Same Patch Batch · n/a · 2020-08-11 · 54 CVEs total
| CVE-2020-17466 | Turcom TRCwifiZone 安全漏洞 | |
| CVE-2020-10778 | Red Hat CloudForms 安全漏洞 | |
| CVE-2020-14324 | Red Hat CloudForms 操作系统命令注入漏洞 | |
| CVE-2020-10779 | Red Hat CloudForms 访问控制错误漏洞 | |
| CVE-2020-14325 | Red Hat CloudForms 授权问题漏洞 | |
| CVE-2020-14296 | Red Hat CloudForms 代码问题漏洞 | |
| CVE-2020-10783 | Red Hat CloudForms 安全漏洞 | |
| CVE-2020-17367 | Firejail 参数注入漏洞 | |
| CVE-2020-17368 | Firejail 操作系统命令注入漏洞 | |
| CVE-2020-17448 | Telegram Desktop 安全漏洞 | |
| CVE-2020-16092 | QEMU 输入验证错误漏洞 | |
| CVE-2020-15071 | Symphony CMS 跨站脚本漏洞 | |
| CVE-2020-13174 | Teradici Managament console 安全漏洞 | |
| CVE-2020-13175 | Teradici Cloud Access Connector和Cloud Access Connector Legacy 安全漏洞 | |
| CVE-2020-13176 | Teradici Cloud Access Connector和Cloud Access Connector Legacy 跨站脚本漏洞 | |
| CVE-2020-13177 | Teradici PCoIP Standard Agent和Graphics Agent 代码问题漏洞 | |
| CVE-2020-13178 | Teradici PCoIP Standard Agent和Graphics Agent 数据伪造问题漏洞 | |
| CVE-2020-14979 | EVGA Precision X1 WinRing0.sys和WinRing0x64.sys drivers 安全漏洞 | |
| CVE-2020-13179 | Teradici PCoIP Standard Agent和Graphics Agent 信息泄露漏洞 | |
| CVE-2020-11976 | Apache Wicket 信息泄露漏洞 |
Showing top 20 of 54 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2020-10777
No comments yet