VDB
KO
MEDIUM 6.1

GHSA-6m8r-jh89-rq7h

Rancher Cross-site Scripting Vulnerability

Details

A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6.

Are you affected?

Enter the version of the package you're using.

Affected packages

Go / github.com/rancher/rancher
Introduced in: 2.5.0 Fixed in: 2.5.6
Fix go get github.com/rancher/rancher@v2.5.6
Go / github.com/rancher/rancher
Introduced in: 2.4.0 Fixed in: 2.4.14
Fix go get github.com/rancher/rancher@v2.4.14
Go / github.com/rancher/rancher
Introduced in: 0 Fixed in: 2.3.11
Fix go get github.com/rancher/rancher@v2.3.11

References