A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the "?next=" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data.
2024-10-16T17:15:13.267
2025-03-26T05:15:39.593
Modified
CVSSv3.1: 6.1 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | redhat | ansible_automation_platform | 2.5 | Yes |
Application | redhat | ansible_developer | 1.2 | Yes |
Application | redhat | ansible_inside | 1.3 | Yes |
Operating System | redhat | enterprise_linux | 8.0 | No |
Operating System | redhat | enterprise_linux | 9.0 | No |