Cross-site scripting (XSS) vulnerability in the edit comment dialog in bkr/server/widgets.py in Beaker 20.1 allows remote authenticated users to inject arbitrary web script or HTML via writing a crafted comment on an acked or nacked canceled job.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
beaker-project beaker 20.1 |