CVE-2017-1002152

CVE-2017-1002152

Vendor Fedora Project Infrastructure
Product Bodhi
Weakness CWE-94 · Code injection
Published January 10, 2019
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles.

Key dates

02Disclosure timeline

January 10, 2019 CVE published
September 16, 2024 Record updated