[GHSA-v8fc-qxvj-f3mg] NASA Open MCT Cross Site Scripting vulnerability #2973

MarkLee131 · 2023-11-22T06:55:19Z

Updates

Affected products
References

Comments
Add patch commit for v3.1.1: nasa/openmct@4e95e12
which belongs to this PR: nasa/openmct#7148
And they were mentioned in the release notes for v3.1.1: https://github.com/nasa/openmct/releases/tag/v3.1.1: "cherry-pick(#7144): fix(#7143): add eslint-plugin-no-unsanitized and fix errors by @ozyx in #7148
Fixes CVE-2023-45884, CVE-2023-45885" .

advisory-database · 2023-11-22T16:49:08Z

Hi @MarkLee131! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

Improve GHSA-v8fc-qxvj-f3mg

87267c4

github-actions bot changed the base branch from main to MarkLee131/advisory-improvement-2973 November 22, 2023 06:56

advisory-database bot merged commit bca1540 into MarkLee131/advisory-improvement-2973 Nov 22, 2023
2 checks passed

advisory-database bot deleted the MarkLee131-GHSA-v8fc-qxvj-f3mg branch November 22, 2023 16:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[GHSA-v8fc-qxvj-f3mg] NASA Open MCT Cross Site Scripting vulnerability #2973

[GHSA-v8fc-qxvj-f3mg] NASA Open MCT Cross Site Scripting vulnerability #2973

MarkLee131 commented Nov 22, 2023

advisory-database bot commented Nov 22, 2023

[GHSA-v8fc-qxvj-f3mg] NASA Open MCT Cross Site Scripting vulnerability #2973

[GHSA-v8fc-qxvj-f3mg] NASA Open MCT Cross Site Scripting vulnerability #2973

Conversation

MarkLee131 commented Nov 22, 2023

advisory-database bot commented Nov 22, 2023