漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cross-site Scripting (XSS)
Vulnerability Description
The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting (XSS) the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
argo-cd 跨站脚本漏洞
Vulnerability Description
GitHub argo-cd是 (Github)开源的一个应用软件。用于Kubernetes的声明性GitOps连续交付工具。 github.com/argoproj/argo-cd/cmd 存在跨站脚本漏洞,该漏洞源于连接到Argo CD的SSO提供者将不得不向用户发送包含JavaScript的恶意错误消息。
CVSS Information
N/A
Vulnerability Type
N/A