Unrated severityNVD Advisory· Published Mar 20, 2020· Updated Aug 4, 2024
CVE-2020-1696
CVE-2020-1696
Description
A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service (TPS) where it did not properly sanitize Profile IDs, enabling a Stored Cross-Site Scripting (XSS) vulnerability when the profile ID is printed. An attacker with sufficient permissions could trick an authenticated victim into executing a specially crafted Javascript code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
210.x.x+ 1 more
- (no CPE)range: 10.x.x
- (no CPE)range: all pki-core 10.x.x versions
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.