[3.8] monit: Multiple vulnerabilities (CVE-2019-11454, CVE-2019-11455)ID: oval:org.secpod.oval:def:1801436 | Date: (C)2019-06-07 (M)2023-11-10 |
Class: PATCH | Family: unix |
CVE-2019-11454: cross-site scripting in Persistent cross-site scripting in in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation.
Platform: |
Alpine Linux 3.8 |