Cross-site scripting (XSS) vulnerability in CUPS via the URL path, related to the is_path_absolute functionDeprecated |
ID: oval:org.secpod.oval:def:21003 | Date: (C)2014-09-03 (M)2023-07-28 |
Class: VULNERABILITY | Family: unix |
The host is installed with Common Unix Printing System (CUPS) before 1.7.2 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted URL patch. Successful exploitation could allow attackers to execute arbitrary code.
Platform: |
Red Hat Enterprise Linux 7 |