Unrated severityNVD Advisory· Published Apr 30, 2021· Updated Aug 4, 2024
CVE-2020-1721
CVE-2020-1721
Description
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- pki-core/pki-coredescription
- Range: =10.10.5
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.