ID CVE-2024-10086
Summary A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 01-11-2024 - 12:57
Published 30-10-2024 - 22:15
Last modified 01-11-2024 - 12:57
Back to Top