CVE Published: 18/06/2019 |
CVE Updated: 04/08/2024 |
CVE Year: 2019 Source: apache |
Vendor: n/a |
Product: Apache Allura Status : PUBLISHED
CVE-2019-10085 Description
In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page.