In st2web in StackStorm Web UI... CVE-2019-9580
4.3
AV
AC
AU
C
I
A
发布:
2019-03-09
修订:
2019-03-12
In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a "null" origin value, potentially leading to XSS.
漏洞利用/PoC
暂无可用Exp或PoC
受影响的平台与产品
当前有2条受影响产品信息
