A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2021-05-26T21:25:44
Updated: 2024-08-04T16:25:43.403Z
Reserved: 2020-10-27T00:00:00
Link: CVE-2020-27839
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-26T22:15:07.863
Modified: 2024-11-21T05:21:54.607
Link: CVE-2020-27839
Redhat