HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.
2021-04-20T16:15:10.193
2024-11-21T05:18:56.030
Modified
CVSSv3.1: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | hashicorp | consul | < 1.7.14 | Yes |
Application | hashicorp | consul | < 1.7.14 | Yes |
Application | hashicorp | consul | < 1.8.10 | Yes |
Application | hashicorp | consul | < 1.8.10 | Yes |
Application | hashicorp | consul | < 1.9.5 | Yes |
Application | hashicorp | consul | < 1.9.5 | Yes |