Cross-Site Scripting (XSS) Vulnerability in HashiCorp Consul and Consul Enterprise

Cross-Site Scripting (XSS) Vulnerability in HashiCorp Consul and Consul Enterprise

CVE-2020-25864 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.

Learn more about our Web Application Penetration Testing UK.