VYPR
Moderate severityNVD Advisory· Published Sep 23, 2023· Updated Aug 3, 2024

Kiali: error message spoofing in kiali ui

CVE-2022-3962

Description

A content spoofing vulnerability was found in Kiali. It was discovered that Kiali does not implement error handling when the page or endpoint being accessed cannot be found. This issue allows an attacker to perform arbitrary text injection when an error response is retrieved from the URL being accessed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/kiali/kialiGo
< 1.57.41.57.4

Affected products

9

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.