SecuritySpace - CVE-2020-1721

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2020-1721

Description: A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.

Test IDs: 1.3.6.1.4.1.25623.1.1.2.2020.2263

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-1721
https://bugzilla.redhat.com/show_bug.cgi?id=1777579
https://bugzilla.redhat.com/show_bug.cgi?id=1777579

CVE ID:	CVE-2020-1721
Description:	A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.
Test IDs:	1.3.6.1.4.1.25623.1.1.2.2020.2263
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1721 https://bugzilla.redhat.com/show_bug.cgi?id=1777579 https://bugzilla.redhat.com/show_bug.cgi?id=1777579