CVE-2020-15881

Cross-site Scripting in packagist/munkireport/munki_facts

Identifiers

CVE-2020-15881

Package Slug

packagist/munkireport/munki_facts

Vulnerability

Cross-site Scripting

Description

A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Munki Conditions) module for MunkiReport allows remote attackers to inject arbitrary web script or HTML via the key name.

Affected Versions

All versions before 1.5

Solution

Upgrade to version 1.5 or above.

Last Modified

2020-07-31

source