Cross-Site Scripting (XSS) Vulnerability in Northern.tech CFEngine Enterprise

CVE-2019-19394 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0.

Learn more about our Web Application Penetration Testing UK.