Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-06-01T14:00:00Z

Updated: 2024-09-17T00:51:07.626Z

Reserved: 2018-06-01T00:00:00Z

Link: CVE-2018-11650

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-06-01T14:29:00.363

Modified: 2024-11-21T03:43:46.373

Link: CVE-2018-11650

cve-icon Redhat

No data.