CVE-2020-15881
packagist/munkireport/munki_facts
Cross-site Scripting
A Cross-Site Scripting (XSS) vulnerability in the munki_facts
(aka Munki Conditions) module for MunkiReport
allows remote attackers to inject arbitrary web script or HTML via the key name.
All versions before 1.5
Upgrade to version 1.5 or above.
2020-07-31
source |